RHEL 7 : kpatch-patch (RHSA-2023:0404)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0404 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...
The vulnerability of the BIOS microprogramming software on Dell workstations arises from insufficient validation of input data, allowing a hacker to execute arbitrary code.
The vulnerability of the BIOS software of Dell workstations exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
GHSA-G6PW-999W-J75M ELF header parsing library doesn't check for valid offset
The crate has several unsafe sections that don't perform proper pointer validation. An example can be found in the following function: fn section_header_raw(&self) -> &[ET::SectionHeader] { let sh_off = self.elf_header().section_header_offset() as usize; let sh_num = self.elf_header().section_header_entry_num() as usize;...
ELF header parsing library doesn't check for valid offset
The crate has several unsafe sections that don't perform proper pointer validation. An example can be found in the following function: fn section_header_raw(&self) -> &[ET::SectionHeader] { let sh_off = self.elf_header().section_header_offset() as usize; let sh_num = self.elf_header().section_header_entry_num() as usize;...
The vulnerability of Microsoft Office for Mac and 365 Apps for Enterprise packages lies in insufficient validation of input data, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office for Mac and 365 Apps for Enterprise packages is related to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
APTRS - Automated Penetration Testing Reporting System
APTRS (Automated Penetration Testing Reporting System) is an automated reporting tool in Python and Django. The tool allows penetration testers to create a report directly without using the traditional Docx file. It also provides an approach to keeping track of the projects and vulnerabilities...
Microsoft Security Update Validation Report January 2023
Microsoft’s January 2023 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English-only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwar...
REST-Attacker - Designed As A Proof-Of-Concept For The Feasibility Of Testing Generic Real-World REST Implementations
REST-Attacker is an automated penetration testing framework for APIs following the REST architecture style. The tool's focus is on streamlining the analysis of generic REST API implementations by completely automating the testing process - including test generation, access control handling, and...
Villain - Windows And Linux Backdoor Generator And Multi-Session Handler That Allows Users To Connect With Sibling Servers And Share Their Backdoor Sessions
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team. The main idea behind the payloads generated by this tool is inherited from...
CVE-2022-46178
MeterSphere (open source continuous testing platform) contains a path traversal vulnerability in versions prior to 2.5.1 where uploaded files are not validated for the filename, allowing writing to arbitrary paths via FileUtils.createFile by bypassing name checks. The root cause is lack of filena...
Understanding the Ecosystem of Smart Cities for the Purpose of Security Testing
Is there a defined ecosystem, similar to what we encountered with the Internet of Things (IoT), that can be charted out as it relates to smart city technology and its security implications? While evaluating IoT I struggled with defining what IoT is. I found that there were varying definitions out...
CVE-2022-23544
MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. Versions prior to 2.5.0 are subject to a Server-Side Request Forgery that leads to Cross-Site Scripting. A Server-Side request forgery in...
vulhub
This is an offensive tool for web application security training and education. It is a collection of vulnerable web applications and tools for testing and training purposes. The repository is a clone of vulhub/vulhub, which is a collection of vulnerable web applications and tools for testing and...
@essex/powerbi-visual-scripts (=1.1.0), @essex/visual-settings (>=1.0.0 <=3.0.0) +13 more potentially affected by CVE-2018-25049 via email-existence (>=0.1.2 <=0.1.6)
email-existence NPM version =0.1.2, =1.0.0, =1.0.0, =0.1.5, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.4.1, =1.0.0, =1.1.6, =1.2.4 Source cves: CVE-2018-25049 Source advisory: OSV:GHSA-P27H-4CPF-FW48...
OpenTSDB 2.4.0 Command Injection Exploit
This Metasploit module exploits an unauthenticated command injection vulnerability in the yrange parameter in OpenTSDB through 2.4.0 (CVE-2020-35476) in order to achieve unauthenticated remote code execution as the root user. The module first attempts to obtain the OpenTSDB version via the API. If...
Kali Linux 2022.4 - Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2022.4. This release has various impressive updates. A summary of the changelog since August’s 2022.3 release: Microsoft Azure - We are back on the Microsoft Azure store; More Platforms - Generic Cloud, QEMU VM image & Vagrant libvirt; Social...
SilverStripe Subsite weakens file permissions
The subsites module can weaken edit restrictions on some files and allow a malicious user to edit files they do not have edit rights to. This only affects projects with the subsites module installed. Regression testing should focus on custom file logic. Be advised that this is not a case of a use...
[SECURITY] Fedora 37 Update: python3.9-3.9.16-1.fc37
Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...
[SECURITY] Fedora 36 Update: python3.9-3.9.16-1.fc36
Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...
[SECURITY] Fedora 37 Update: python3.7-3.7.16-1.fc37
Python 3.7 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.7, see other distributions that support it, such as an older Fedora release...