Lucene search
K

39 matches found

CNNVD
CNNVD
added 2024/07/05 12:0 a.m.1 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a buffer overflow during tab completion...

7.8CVSS6.9AI score0.00256EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.3 views

SUSE CVE-2017-16544

In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...

7.8CVSS7.7AI score0.0624EPSS
Exploits12References10
OSV
OSV
added 2022/06/20 7:21 a.m.6 views

OPENSUSE-SU-2022:10016-1 Security update for firejail

This update for firejail fixes the following issues: firejail was updated to version 0.9.70: - CVE-2022-31214 - root escalation in --join logic boo1199148 Reported by Matthias Gerstner, working exploit code was provided to our development team. In the same time frame, the problem was independentl...

7.8CVSS8AI score0.00382EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2022/06/20 12:0 a.m.45 views

Security update for firejail (important)

openSUSE Security Update: Security update for firejail Announcement ID: openSUSE-SU-2022:10016-1 Rating: important References: 1199148 Cross-References: CVE-2022-31214 CVSS scores: CVE-2022-31214 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-S...

7.8CVSS7.8AI score0.00382EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2022/03/14 12:0 a.m.33 views

CVE-2022-20001

fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing...

7.8CVSS7.9AI score0.01417EPSS
Exploits0
Kitploit
Kitploit
added 2021/08/17 12:30 p.m.145 views

ReverseSSH - Statically-linked Ssh Server With Reverse Shell Functionality For CTFs And Such

A statically-linkedssh server with a reverse connection feature for simple yet powerful remote access. Most useful during HackTheBox challenges, CTFs or similar. Has been developed and was extensively used during OSCP exam preparation. Get the latest Release Features Catching a reverse shell with...

7.7AI score
Exploits0References5
Kitploit
Kitploit
added 2020/07/24 12:30 p.m.31 views

Quiver - Tool To Manage All Of Your Tools For Bug Bounty Hunting And Penetration Testing

Quiver is the tool to manage all of your tools. It's an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing. Features ZSH / Oh-My-ZSH shell plugin Tab auto-completion Global variables Prefills the command line, doesn't hide commands fro...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2019/06/26 9:44 p.m.383 views

Cryptr - A Simple Shell Utility For Encrypting And Decrypting Files Using OpenSSL

A simple shell utility for encrypting and decrypting files using OpenSSL. Installation git clone https://github.com/nodesocket/cryptr.git ln -s "$PWD"/cryptr/cryptr.bash /usr/local/bin/cryptr Bash tab completion Add tools/cryptr-bash-completion.bash to your tab completion file directory...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2019/05/22 9:35 p.m.127 views

Graffiti - A Tool To Generate Obfuscated One Liners To Aid In Penetration Testing

NOTE : Never upload payloads to online checkers Graffiti is a tool to generate obfuscated oneliners to aid in penetration testing situations. Graffiti accepts the following languages for encoding: Python Perl Batch Powershell PHP Bash Graffiti will also accept a language that is not currently on...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2019/04/04 12:0 a.m.89 views

Ubuntu: Security Advisory (USN-3935-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.32381EPSS
Exploits19References2
Ubuntu
Ubuntu
added 2019/04/03 11:59 a.m.776 views

USN-3935-1: BusyBox vulnerabilities

Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14....

9.8CVSS7AI score0.32381EPSS
Exploits19
OSV
OSV
added 2019/04/03 11:59 a.m.6 views

USN-3935-1 busybox vulnerabilities

Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14....

9.8CVSS7AI score0.32381EPSS
Exploits19References11
Kitploit
Kitploit
added 2018/10/23 12:47 p.m.80 views

Bashark - Bash Post Exploitation Toolkit

Bashark aids pentesters and security researchers during the post-exploitation phase of security audits. Usage To launch Bashark on compromised host, simply source the bashark.sh script from terminal: $ source bashark.sh Then type help to see Bashark's help menu Features Single Bash script...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2017/12/29 1:5 p.m.14 views

Merlin - A cross-platform post-exploitation HTTP/2 Command & Control server and agent

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. An introductory blog post can be found here: https://medium.com/@Ne0nd0g/introducing-merlin-645da3c635a Getting Started The quickest and easiest way to start using Merlin is download the...

7.5AI score
Exploits0References3
OSV
OSV
added 2017/11/20 3:29 p.m.0 views

DEBIAN-CVE-2017-16544

In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...

8.8CVSS6.8AI score0.0624EPSS
Exploits12References1
OSV
OSV
added 2017/11/20 12:0 a.m.3 views

UBUNTU-CVE-2017-16544

In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...

8.8CVSS6.9AI score0.0624EPSS
Exploits12References4
Kitploit
Kitploit
added 2016/12/20 2:13 p.m.39 views

MSF-Remote-Console - A Remote Msfconsole To Connect To The Msfrcpd Server Of Metasploit

A remote msfconsole written in Python 2.7 to connect to the msfrcpd server of metasploit. This tool gives you the ability to load modules permanently as daemon on your server like autopwn2. Although it gives you the ability to remotely use the msfrpcd server it is recommended to use it locally wi...

7.8AI score
Exploits0References2
n0where
n0where
added 2015/09/23 6:19 p.m.21 views

User Friendly Interactive Shell: Fish

Fish is a smart and user-friendly command line shell for OS X, Linux, and the rest of the family. fish includes features like syntax highlighting, autosuggest-as-you-type, and fancy tab completions that just work, with no configuration required. FISH is designed to work with any other shell like...

7.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/07/22 12:0 a.m.31 views

RHEL 5 : bash (RHSA-2011:1073)

An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives...

6.9CVSS5.7AI score0.00338EPSS
Exploits0References3
Rows per page
Query Builder