SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:1990-1)

This update for webkit2gtk3 fixes the following issues : Update to version 2.28.3 bsc1173998 : + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. +...

Fedora 31 : webkit2gtk3 (2020-d2736ee493)

Update to 2.28.3 : - Fix kinetic scrolling with async scrolling. - Fix web process hangs on large GitHub pages. - Bubblewrap sandbox should not attempt to bind empty paths. - Fix threading issues in the media player. - Fix several crashes and rendering issues. - Security fixes: CVE-2020-9802,...

Fedora 32 : webkit2gtk3 (2020-ab074c6cdf)

Update to 2.28.3 : - Fix kinetic scrolling with async scrolling. - Fix web process hangs on large GitHub pages. - Bubblewrap sandbox should not attempt to bind empty paths. - Fix threading issues in the media player. - Fix several crashes and rendering issues. - Security fixes: CVE-2020-9802,...

[SECURITY] Fedora 32 Update: mutt-1.14.5-1.fc32

Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...

[SECURITY] Fedora 31 Update: suricata-4.1.8-1.fc31

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Fedora: Security Advisory for suricata (FEDORA-2020-cd84e46e68)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4403-1: Mutt vulnerability and regression

It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. CVE-2020-14954 This update also address a regression caused in the last update USN-4401-1. It only affected Ubuntu 12.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and...

Exploit for Use After Free in Microsoft

bLuEkEeP-GUI vulnerabilidad CVE-2019-0708 testing y explotacio...

September 24, 2019 — KB4515841 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1709

September 24, 2019 — KB4515841 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1709 Release Date: September 24, 2019 Version: .NET Framework 4.8 The September 24, 2019, update for Windows 10, version 1709 includes cumulative reliability improvements in Microsoft .NET Framework 4....

Exploit for Race Condition in Openbsd Openssh

PoC exploit for CVE-2018-15473, an OpenSSH username enumeration vulnerability. The target product/service is OpenSSH, and the vulnerability class/vector is username enumeration. The probable entry point is the sshUsernameEnumExploit.py script, which is invoked by the ENTRYPOINT in the Dockerfile...

[SECURITY] Fedora 32 Update: suricata-5.0.3-1.fc32

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Vulnx v2.0 - An Intelligent Bot Auto Shell Injector That Detect Vulnerabilities In Multiple Types Of CMS (Wordpress , Joomla , Drupal , Prestashop ...)

Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection,informations gathering and vulnerabilitie Scanning of the target like subdomains, ipaddresses, country, org, timezone, region, ans and more ... Instead of injecting each and...

Exploit for CVE-2020-1938

Description This tool is intended only for security research...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Integration Bus , IBM App Connect and WebSphere Message Broker

Summary Multiple vulnerabilities in OpenSSL affect IBM Integration Bus , IBM App Connect and WebSphere Message Broker. The DataDirect ODBC Drivers used by IBM App Connect , IBM Integration Bus and WebSphere Message Broker have addressed the applicable CVEs. Vulnerability Details CVEID:...

Escaping the Chrome Sandbox with RIDL

Guest blog post by Stephen Röttger tl;dr: Vulnerabilities that leak cross process memory can be exploited to escape the Chrome sandbox. An attacker is still required to compromise the renderer prior to mounting this attack. To protect against attacks on affected CPUs make sure your microcode is u...

Cisco Data Center Network Manager 11.2 Remote Code Execution

!/usr/bin/python """ Cisco Data Center Network Manager SanWS importTS Command Injection Remote Code Execution Vulnerability Tested on: Cisco DCNM 11.2.1 Installer for Windows 64-bit - Release: 11.21 - Release Date: 18-Jun-2019 - FileName: dcnm-installer-x64-windows.11.2.1.exe.zip - Size: 1619.36 ...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-1145)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for suricata FEDORA-2019-52b360546c

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

POC-T

This is a Python-based penetration testing framework called POC-T. It is designed to facilitate concurrent testing of multiple targets and supports various features such as multi-threading, URL parsing, and user agent management. The framework includes a range of scripts for testing different...

openSUSE Security Update : haproxy (openSUSE-2019-2555)

This update for haproxy to version 2.0.5+git0.d905f49a fixes the following issues : Security issue fixed : - CVE-2019-14241: Fixed a cookie memory corruption problem. bsc1142529 The update to 2.0.5 brings lots of features and bugfixes : - new internal native HTTP representation called HTX, was...