Exploit for Deserialization of Untrusted Data in Apache Ofbiz

CVE-2020-9496 Because the 2 xmlrpc related requets in webtools...

SUSE SLED12 / SLES12 Security Update : lasso (SUSE-SU-2021:2589-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2589-1 advisory. - Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. CVE-2021-28091 Note that Nessus has not...

Exploit for Out-of-bounds Write in Sudo_Project Sudo

CVE-2019-18634 N-Day Exploit Slides https://docs.googl...

Moderate Photon OS Security Update - PHSA-2021-4.0-0072

Updates of 'python3-lxml' packages of Photon OS have been released...

Moderate Photon OS Security Update - PHSA-2021-0072

Updates of 'python3-lxml' packages of Photon OS have been released...

Updated python3 packages fix security vulnerabilities

Update python3 to 3.8.11 to fix several security issues. Fixes in 3.8.10 are also included. Bundled pip and setuptools were updated in 3.8.11 so python-pip needs to be updated to 21.1.3 and python-setuptools to 56.2.0 at the same time. Also, we fix the following issue: In Python before 3.9.5, the...

Photon OS 4.0: Python3 PHSA-2021-4.0-0060

An update of the python3 package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0060. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection Exploit

Exploit Title: Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection Discovered by: Jeroen - IT Nerdbox Exploit Author: Metin Yunus Kandemir Version: sg2000-2000.1331 Vendor Homepage: https://www.seagate.com/ Software Link:...

Security fix for the ALT Linux 9 package python3-module-django version 2.2.24-alt1

July 13, 2021 Alexey Shabalin 2.2.24-alt1 - new version 2.2.24 - Fixes for the following security vulnerabilities: + CVE-2021-28658 Potential directory-traversal via uploaded files + CVE-2021-31542 Potential directory-traversal via uploaded files + CVE-2021-32052 Header injection possibility sinc...

Critical Photon OS Security Update - PHSA-2021-4.0-0060

Updates of 'python3-urllib3', 'zeromq', 'rubygem-bundler' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2021-0060

Updates of 'zeromq', 'python3-urllib3', 'rubygem-bundler' packages of Photon OS have been released...

Security fix for the ALT Linux 10 package python3-module-django version 2.2.24-alt1

July 13, 2021 Alexey Shabalin 2.2.24-alt1 - new version 2.2.24 - Fixes for the following security vulnerabilities: + CVE-2021-28658 Potential directory-traversal via uploaded files + CVE-2021-31542 Potential directory-traversal via uploaded files + CVE-2021-32052 Header injection possibility sinc...

CVE-2019-20907 affecting package python3 3.7.7-2

CVE-2019-20907 affecting package python3 3.7.7-2. An upgraded version of the package is available that resolves this issue...

CVE-2019-18348 affecting package python3 3.7.9-2

CVE-2019-18348 affecting package python3 3.7.9-2. An upgraded version of the package is available that resolves this issue...

CVE-2020-26116 affecting package python3 3.7.7-2

CVE-2020-26116 affecting package python3 3.7.7-2. An upgraded version of the package is available that resolves this issue...

CVE-2020-14422 affecting package python3 3.7.9-2

CVE-2020-14422 affecting package python3 3.7.9-2. An upgraded version of the package is available that resolves this issue...

CVE-2021-23336 affecting package python3 3.7.9-4

CVE-2021-23336 affecting package python3 3.7.9-4. An upgraded version of the package is available that resolves this issue...

CVE-2020-29396 affecting package python3 3.7.9-3

CVE-2020-29396 affecting package python3 3.7.9-3. An upgraded version of the package is available that resolves this issue...

GitDump - A Pentesting Tool That Dumps The Source Code From .Git Even When The Directory Traversal Is Disabled

GitDump dumps the source code from .git when thedirectory traversal is disabled Requirements Python3 Tested on Windows Kali Linux What it does Dump source code from website/.git directory when directory traversal is disabled. How it works Fetch all common files .git/index, .git/HEAD, .git/ORIGHEA...

WordPress Plainview Activity Monitor 20161228 Remote Code Execution

Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Date: 07.07.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...