Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4485-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4485-1 advisory. Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the...

@csltech/strong-nginx-controller (>=1.0.2 <=1.0.3), @csltech/strong-pm (>=7.0.0 <=7.0.2) +56 more potentially affected by CVE-2016-1000226 via swagger-ui (>=2.0.17 <=2.1.8-M1)

swagger-ui NPM version =2.0.17, =1.0.2, =7.0.0, =3.0.1, =2.0.0, =1.0.1, =1.0.1, =2.8.29, =1.0.1, =5.0.232, =0.0.1, =0.4.1, =1.0.1, =0.0.1, =0.0.27, =0.1.9 and more Source cves: CVE-2016-1000226 Source advisory: OSV:GHSA-7F59-X49P-V8MQ...

Design/Logic Flaw

Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier stores project passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system...

CVE-2020-2251

CVE-2020-2251 affects the Jenkins SoapUI Pro Functional Testing Plugin (versions up to 1.5). The issue, described in multiple sources, is that project passwords are transmitted in plain text as part of job configuration forms within the plugin, creating a potential information disclosure risk. Se...

CVE-2020-2250

CVE-2020-2250 affects Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier. The underlying issue is that project passwords are stored unencrypted in job config.xml files on the Jenkins controller, enabling disclosure when an attacker has Extended Read permission or file-system access to t...

CVE-2020-2244

Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting XSS vulnerability exploitable by attackers able to provide console output for builds used to test build log indications...

CrossC2 - Generate CobaltStrike's Cross-Platform Payload

A security framework for enterprises and Red Team personnel, supports CobaltStrike's penetration testing of other platforms Linux / MacOS / ..., supports custom modules, and includes some commonly used penetration modules. Only for internal use by enterprises and organizations, this framework has...

PowerSploit

This is a PowerShell module repository called PowerSploit, which is a collection of tools for penetration testing and red teaming. The repository contains several modules, including AntivirusBypass and CodeExecution. The AntivirusBypass module is designed to help evade antivirus detection, and it...

ysoserial

This is a Java tool called ysoserial, which is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool is designed to create payloads that can be used to execute arbitrary code on a Java application that performs unsafe deserialization of objects...

CVE-2020-25064

An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Certain automated testing is mishandled. The LG ID is LVE-SMP-200019 August 2020...

CVE-2020-25064

An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Certain automated testing is mishandled. The LG ID is LVE-SMP-200019 August 2020...

Code injection

An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Certain automated testing is mishandled. The LG ID is LVE-SMP-200019 August 2020...

CVE-2020-25064

An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Certain automated testing is mishandled. The LG ID is LVE-SMP-200019 August 2020...

CVE-2020-25064

Technical details (affected products, vulnerable component, root cause, exploit information) are not provided in the connected documents. Monitor for updates from LG/Security advisories.

OS4Ed openSIS install remote code execution vulnerability

Summary A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. A specially crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.4 Product URLs...

Can Vulnerability Scanning Replace Penetration Testing?

By Waqas The major misconception that leads to lots of security breaches in businesses is - treating both Vulnerability scanning and Penetration Testing alternative to one another. This is a post from HackRead.com Read the original post: Can Vulnerability Scanning Replace Penetration Testing?...

vulhub

It is an offensive tool for Vulnerable Environments Based on Docker-Compose. The repository contains a collection of pre-built vulnerable docker environments, allowing users to easily create and test vulnerable environments without requiring prior knowledge of Docker. The tool is designed to be...

monero:cold-outputs_fuzz_tests: Crash in tools::wallet2::import_outputs

Project: https://github.com/monero-project/monero.git Detailed Report: https://oss-fuzz.com/testcase?key=5443075625975808 Project: monero Fuzzing Engine: libFuzzer Fuzz Target: cold-outputsfuzztests Job Type: libfuzzerasanmonero Platform Id: linux Crash Type: UNKNOWN READ Crash Address:...

[SECURITY] Fedora 32 Update: dnsperf-2.3.4-2.fc32

This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf1 and resperf1 man pages...

ezEmu - Simple Execution Of Commands For Defensive Tuning/Research

ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers ", ezEmu does not have any networking/C2 capabilities and rather focuses on creating local test telemetry. Windows See /Linux for ELF ezEmu is compiled as...