K11068141: Python vulnerability CVE-2014-9365
Security Advisory Description: The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches...
Blind Eagle Hackers Return with Refined Tools and Sophisticated Infection Chain
A financially motivated threat actor tracked as Blind Eagle has resurfaced with a refined toolset and an elaborate infection chain as part of its attacks targeting organizations in Colombia and Ecuador. Check Point's latest research offers new insights into the Spanish-speaking group's tactics an...
Exploit for CVE-2022-30190
Five Nights at Follina's A Fullstack Academy Cybersecurity pro...
CVE-2022-35873
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 b2022030114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 b2022030114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
CVE-2022-35873
CVE-2022-35873 affects Inductive Automation Ignition 8.1.15 (b2022030114). The vulnerability arises in ZIP file processing; crafted ZIP data can cause the application to execute arbitrary Python scripts, with code execution in the SYSTEM context. Exploitation requires user interaction (victim mus...
(Pwn2Own) Inductive Automation Ignition ZIP File Insufficient UI Warning Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
PT-2022-22984 · Inductive Automation · Inductive Automation Ignition
Name of the Vulnerable Software and Affected Versions: Inductive Automation Ignition version 8.1.15 b2022030114 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...
Plone denial of service via RSS Feed Request
pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access...
IDACode - An Integration For IDA And VS Code Which Connects Both To Easily Execute And Debug IDAPython Scripts
IDACode makes it easy to execute and debug Python scripts in your IDA environment without leaving Visual Studio Code. The VS Code extension can be found on the marketplace. IDACode is still in a very early state and bugs are to be expected. Please open a new issue if you encounter any issues...
pocsuit3
This repository is an open-sourced remote vulnerability testing and proof-of-concept development framework called pocsuite3, developed by the Knownsec 404 Team. It comes with a powerf...
PYSEC-2021-370
Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one's Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional...
PYSEC-2021-368
Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one's Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional...
BIOPASS RAT Uses Live Streaming Steal Victims’ Data
Online gambling companies in China are being targeted by a new remote access trojan (RAT) which, in addition to its predictable features (like file assessment and exfiltration), takes the novel approach of using live streaming to spy on the screens of its victims. The malware was identified by a...
Exploit for SQL Injection in Zabbix
This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable applications and services, along with exploit modules and tools for testing and demonstrating vulnerabilities. The primary vulnerability being targeted is not explicitly stated...
Exploit for Improper Input Validation in Microsoft
This is a PoC (Proof of Concept) exploit for CVE-2020-1350, also known as SigRed. The exploit is designed to target DNS servers and allows for remote code execution. The exploit is written in Python and consists of several files: configure.py: This script is used to set up the payload and Apache HT...