
12201 matches found

IBM Security Bulletins
added 2024/01/17 9:46 a.m., 35 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-34058 DESCRIPTION: VMware Tools could allow a remote attacker to gain elevate...

9.8 CVSS, 8.9 AI score, 0.93657 EPSS
Exploits 16, Affected Software 1

OSV
added 2024/01/16 6:6 p.m., 14 views

RLSA-2024:0256 Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.3 CVSS, 6.3 AI score, 0.00161 EPSS
Exploits 1, References 2

RedHat Linux
added 2024/01/16 2:36 p.m., 33 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-eventlet) security update

An update for python-eventlet is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5 CVSS, 6.7 AI score, 0.00222 EPSS
Exploits 0, References 2

RedHat Linux
added 2024/01/16 2:36 p.m., 1 view

python-werkzeug: high resource consumption leading to denial of service

A resource consumption flaw was found in python-werkzeug. If a specially crafted file is uploaded by a remote attacker, it may cause a denial of service...

8 CVSS, 7.1 AI score, 0.00878 EPSS
Exploits 0, References 6

RedHat Linux
added 2024/01/16 2:33 p.m., 2 views

python-werkzeug: high resource consumption leading to denial of service

A resource consumption flaw was found in python-werkzeug. If a specially crafted file is uploaded by a remote attacker, it may cause a denial of service...

8 CVSS, 7.1 AI score, 0.00878 EPSS
Exploits 0, References 6

Wallarm Lab
added 2024/01/16 12:43 p.m., 23 views

What Is Dynamic DNS

Delving into the Multiple Aspects of the Dynamic Domain Name Protocol DDNS: A Detailed Scrutiny DDNS, standing for Dynamic Domain Name System, is an automatic procedure crafted to maintain the synchronization of the data associated with a DNS server. This system functions uninterruptedly to make...

7.5 AI score
Exploits 0

Oracle linux
added 2024/01/16 12:0 a.m., 36 views

python3 security update

3.6.8-56.0.1.3 - Security fix for CVE-2023-27043 Resolves: rhbz2196183...

5.3 CVSS, 7 AI score, 0.00161 EPSS
Exploits 1

Tenable Nessus
added 2024/01/16 12:0 a.m., 38 views

EulerOS 2.0 SP9 : python-urllib3 (EulerOS-SA-2023-3316)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers fo...

8.1 CVSS, 7.3 AI score, 0.0095 EPSS
Exploits 0, References 2

Tenable Nessus
added 2024/01/16 12:0 a.m., 33 views

EulerOS 2.0 SP11 : grpc (EulerOS-SA-2023-3271)

According to the versions of the grpc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms ex. Linux allows an attacker to cause...

7.5 CVSS, 7.5 AI score, 0.00042 EPSS
Exploits 0, References 2

RedHat Linux
added 2024/01/15 4:13 p.m., 2 views

python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...

5.3 CVSS, 6.7 AI score, 0.00161 EPSS
Exploits 1, References 5

RedHat Linux
added 2024/01/15 4:13 p.m., 61 views

Moderate: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

5.3 CVSS, 6.7 AI score, 0.00161 EPSS
Exploits 1, References 2

GithubExploit
added 2024/01/15 1:32 p.m., 873 views

Exploit for OS Command Injection in Tp-Link Archer_Vr1600V_Firmware

Archer TP-Link VR1600V Router Local Remote Command Execution E...

6.7 CVSS, 7.2 AI score, 0.077 EPSS
Exploits 2

Kitploit
added 2024/01/15 11:30 a.m., 94 views

Pmkidcracker - A Tool To Crack WPA2 Passphrase With PMKID Value Without Clients Or De-Authentication

This program is a tool written in Python to recover the pre-shared key of a WPA2 WiFi network without any de-authentication or requiring any clients to be on the network. It targets the weakness of certain access points advertising the PMKID value in EAPOL message 1. Program Usage python...

7.1 AI score
Exploits 0, References 4

AlmaLinux
added 2024/01/15 12:0 a.m., 62 views

Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.3 CVSS, 7.2 AI score, 0.00161 EPSS
Exploits 1, References 4

OSV
added 2024/01/15 12:0 a.m., 22 views

ALSA-2024:0256 Moderate: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

5.3 CVSS, 6.3 AI score, 0.00161 EPSS
Exploits 1, References 4

Github Security Blog
added 2024/01/13 6:30 a.m., 17 views

Path traversal in flaskcode

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/ URI from views.py, allows attackers to write to arbitrary files...

7.5 CVSS, 7.1 AI score, 0.00589 EPSS
Exploits 0, References 3, Affected Software 1

OSV
added 2024/01/13 6:30 a.m., 2 views

GHSA-6H4Q-63C5-QFQF Path traversal in flaskcode

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a GET request to a /resource-data/.txt URI from views.py, allows attackers to read arbitrary files...

7.5 CVSS, 6 AI score, 0.00627 EPSS
Exploits 0, References 2

GithubExploit
added 2024/01/13 5:40 a.m., 146 views

Exploit for Server-Side Request Forgery in Apache Ofbiz

BadBizness Automatic exploitation scrip...

9.8 CVSS, 9.6 AI score, 0.93996 EPSS
Exploits 16

OSV
added 2024/01/13 4:15 a.m., 12 views

CVE-2023-52288

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a GET request to a /resource-data/.txt URI from views.py, allows attackers to read arbitrary files...

7.5 CVSS, 7.6 AI score
Exploits 0, References 1

OSV
added 2024/01/13 4:15 a.m., 12 views

CVE-2023-52289

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/ URI from views.py, allows attackers to write to arbitrary files...

7.5 CVSS, 7.7 AI score
Exploits 0, References 1