Ubuntu: Security Advisory (USN-6066-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-1808)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-1826)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : python3 (EulerOS-SA-2023-1826)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts...

HammerSpace GDE / GFS 4.6.6-324 Authentication Bypass

Affected Product: HammerSpace Global Data Environment / Global File System - https://hammerspace.com/product Affected Versions: v4.6.6-324 and below with default installation/configuration. Vendor Notified: Yes, sometime between: 08/2022 and 10/2022, confirmed 2023-03-21 there is a fix in an...

EulerOS 2.0 SP10 : python3 (EulerOS-SA-2023-1808)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts...

[SECURITY] Fedora 38 Update: mirrorlist-server-3.0.6-6.fc38

The mirrorlist-server uses the data created by MirrorManager2 to answer client request f or the "best" mirror. This implementation of the mirrorlist-server is written in Rust. The original version of the mirrorlist-server was part of the MirrorManager2 repository and it is implemented using Pytho...

AlmaLinux 9 : samba (ALSA-2023:2127)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2127 advisory. - Netlogon RPC Elevation of Privilege Vulnerability CVE-2022-38023 Note that Nessus has not tested for this issue but has instead relied only on the application's...

Amazon Linux 2023 : python3-future (ALAS2023-2023-173)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-173 advisory. An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. CVE-2022-40899 Tenable has...

Fortigate 7.0.1 Stack Overflow Exploit

c@ubuntu:/LABS$ cat fp17.py !/usr/bin/env python3 fortigate 7.0.1 postauth stack overflow 0day more: https://code610.blogspot.com/2023/04/fuzzing-fortigate-7.html Pid: 00243, application: newcli, Firmware: FortiGate-VM64 v7.0.1,build0157b0157,210714 GA Release, Signal 6 received, Backtrace:...

Exploit for Incorrect Authorization in Cacti

CVE-2022-46169-CACTI-1.2.22 This is a exploit of CVE-2022-4616...

Mobile Mouse 3.6.0.4 Remote Code Execution

Exploit Title: Mobile Mouse 3.6.0.4 Remote Code Execution v2 Date: Apr 28, 2023 Exploit Author: Chokri Hammedi Vendor Homepage: https://mobilemouse.com/ Software Link: https://www.mobilemouse.com/downloads/setup.exe Version: 3.6.0.4 Tested on: Windows 10 Enterprise LTSC Build 17763 !/usr/bin/env...

Exploit for Double Free in Openbsd Openssh

CVE-2023-25136 OpenSSH 9.1 vulnerability mass scan and exploit...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-1646)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.1 : python3 (EulerOS-SA-2023-1646)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-1680)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.0 : python3 (EulerOS-SA-2023-1680)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows...

Exploit for SQL Injection in Jeecg Jeecg-Boot

CVE-2023-1454 jmreport/qurestSql – Unauthorized SQL inject...

Debian DSA-5391-1 : libxml2 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5391 advisory. - The libxml2 project reports: Hashing of empty dict strings isn't deterministic Fix null deref in xmlSchemaFixupComplexType CVE-2023-28484, CVE-2023-29469 Note...

PostgreSQL 9.6.1 Remote Code Execution

Exploit Title: PostgreSQL 9.6.1 - Remote Code Execution RCE Authenticated Date: 2023-02-01 Exploit Author: Paulo Trindade @paulotrindadec, Bruno Stabelini @Bruno Stabelini, Diego Farias @fulcrum and Weslley Shaimon Github: https://github.com/paulotrindadec/CVE-2019-9193 Version: PostgreSQL 9.6.1 ...