2722 matches found
Exploit for Improper Initialization in Linux Linux_Kernel
dpipe Proof-of...
Security fix for the ALT Linux 10 package python3-module-django version 3.2.15-alt1
3.2.15-alt1 built Aug. 30, 2022 Alexey Shabalin in task 305627 Aug. 22, 2022 Alexey Shabalin - new version 3.2.15 - Fixes for the following security vulnerabilities: + CVE-2022-34265 Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments. + CVE-2022-36359 Potential reflected file...
Exploit for Code Injection in Vmware Spring_Cloud_Gateway
It is an exploit module/toolkit targeting Apache Log4j. The targ...
Ubuntu 22.04 LTS : PyJWT regression (USN-5526-2)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5526-2 advisory. USN-5526-1 fixed vulnerabilities in PyJWT. Unfortunately this caused a regression by incrementing the internal package version number on Ubuntu 22.04 LTS. This...
Important Photon OS Security Update - PHSA-2022-3.0-0433
Updates of 'linux', 'linux-rt', 'linux-secure', 'linux-esx', 'squid', 'linux-aws', 'python3' packages of Photon OS have been released...
Security Bulletin: IBM Netezza for Cloud Pak for Data is vulnerable to injection attack due to urllib package in Python3 (CVE-2022-0391)
Summary: IBM Netezza for Cloud Pak for Data is vulnerable to injection attack due to improper input validation by the urllib.parse module from Python3. Vulnerability is addressed by upgrading Python to version 3.9.7. Vulnerability Details: CVEID: CVE-2022-0391 DESCRIPTION: Python could provide weak...
NanoCMS v0.4 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: NanoCMS v0.4 - Remote Code Execution (RCE) (Authenticated) Date: 2022-07-26 Exploit Author: p1ckzi Vendor Homepage: https://github.com/kalyan02/NanoCMS Version: NanoCMS v0.4 Tested on: Linux Mint 20.3 CVE: N/A Description: this script uploads a php reverse shell to the target. NanoCMS...
mPDF 7.0 - Local File Inclusion
Exploit Title: mPDF 7.0 - Local File Inclusion Google Dork: N/A Date: 2022-07-23 Exploit Author: Musyoka Ian Vendor Homepage: https://mpdf.github.io/ Software Link: https://mpdf.github.io/ Version: CuteNews Tested on: Ubuntu 20.04, mPDF 7.0.x CVE: N/A #!/usr/bin/env python3 from urllib.parse impor...
EulerOS 2.0 SP10 : python3 (EulerOS-SA-2022-2144)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. Th...
EulerOS 2.0 SP10 : python3 (EulerOS-SA-2022-2169)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. Th...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-2144)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-2169)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Bottle vulnerability (USN-5532-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5532-1 advisory. It was discovered that Bottle incorrectly handled errors during early request binding. An attacker could possibly use this issue to disclo...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 1.2 security update
An update is now available for Red Hat Ansible Automation Platform 1.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
Exploit for Authentication Bypass by Spoofing in Zabbix
CVE-2022-23131poc-exp-zabbix CVE-2022-23131 Vulnerability Ba...
CodoForum v5.1 - Remote Code Execution Exploit
Exploit Title: CodoForum v5.1 - Remote Code Execution (RCE) Exploit Author: Krish Pandey @vikaran101 Vendor Homepage: https://codoforum.com/ Software Link: https://bitbucket.org/evnix/codoforumdownloads/downloads/codoforum.v.5.1.zip Version: CodoForum v5.1 Tested on: Ubuntu 20.04 CVE: CVE-2022-3185...
Critical Photon OS Security Update - PHSA-2022-0213
Updates of 'python3' packages of Photon OS have been released...
EulerOS Virtualization 2.10.1 : python3 (EulerOS-SA-2022-2119)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system...
CVE-2019-12900 affecting package python3 3.7.11-1
CVE-2019-12900 affecting package python3 3.7.11-1. An upgraded version of the package is available that resolves this issue...
EulerOS Virtualization 2.10.0 : python3 (EulerOS-SA-2022-2035)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL)...