EulerOS 2.0 SP2 : openssl (EulerOS-SA-2019-1732)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the...

[SECURITY] Fedora 29 Update: mutt-1.12.0-1.fc29

Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...

[SECURITY] Fedora 30 Update: mutt-1.12.0-1.fc30

Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...

Security Bulletin: OpenSSL as used in IBM QRadar SIEM is vulnerable to a information disclosure (CVE-2018-5407)

Summary Open Source OpenSSL is vulnerable to a publicly disclosed vulnerability Vulnerability Details CVEID: CVE-2018-5407 Description: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution engine sharing on...

Brutality - A Fuzzer For Any GET Entries

A fuzzer for any GET entries. Features Multi-threading on demand Fuzzing, bruteforcing GET params Find admin panels Colored output Hide results by return code, word numbers Proxy support Big wordlist Colored Usages Install git clone https://github.com/ManhNho/brutality.git chmod 755 -R brutality/...

VulnX - CMS And Vulnerabilites Detector And An Intelligent Auto Shell Injector

Vulnx is a cms and vulnerabilites detection, an intelligent auto shell injector, fast cms detection of target and fast scanner and informations gathering like subdomains, ipaddresses, country, org, timezone, region, ans and more ... Instead of injecting shell and checking it works like all the...

Security Bulletin: A vulnerability in OpenSSL affects PowerKVM

Summary PowerKVM is affected by a vulnerability in OpenSSL. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2018-5407 DESCRIPTION: Multiple SMT/Hyper-Threading architectures and processors could allow a local attacker to obtain sensitive information, caused by execution...

Miteru - An Experimental Phishing Kit Detection Tool

Miteru is an experimental phishing kit detection tool. How it works It collects phishy URLs from the following feeds: CertStream-Suspicious feed via urlscan.io OpenPhish feed via urlscan.io PhishTank feed via urlscan.io Ayashige feed It checks each phishy URL whether it enables directory listing...

Microarchitectural Data Sampling speculative side channel

ISSUE DESCRIPTION Microarchitectural Data Sampling refers to a group of speculative sidechannels vulnerabilities. They consist of: CVE-2018-12126 - MSBDS - Microarchitectural Store Buffer Data Sampling CVE-2018-12127 - MLPDS - Microarchitectural Load Port Data Sampling CVE-2018-12130 - MFBDS -...

Microarchitectural Data Sampling (MDS) Side Channel Vulnerabilities - Lenovo Support US

No description provided...

Microsoft Guidance to mitigate Microarchitectural Data Sampling vulnerabilities

Executive Summary On May 14, 2019, Intel published information about a new subclass of speculative execution side channel vulnerabilities known as Microarchitectural Data Sampling. An attacker who successfully exploited these vulnerabilities may be able to read privileged data across trust...

FreeBSD-SA-19:07.mds

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:07.mds Security Advisory The FreeBSD Project Topic: Microarchitectural Data Sampling MDS Category: core Module: kernel Announced: 2019-05-14 Credits: Refer t...

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

IBM BigFix Platform 9.5.x < 9.5.12 Multiple Vulnerabilities

According to its self-reported version, the IBM BigFix Platform application running on the remote host is 9.5.x prior to 9.5.12. It is, therefore, affected by multiple vulnerabilities : - An arbitrary file upload vulnerability exists in IBM BigFix Platform. An authenticated, remote attacker can...

Denial Of Service (DoS)

Tcl Tool Command Language provides a powerful platform for creating integration applications that tie together diverse applications, protocols, devices, and frameworks. When paired with the Tk toolkit, Tcl provides a fast and powerful way to create cross-platform GUI applications. Two denial of...

Amazon Linux 2 : openssl (ALAS-2019-1188)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information.CVE-2018-5407 If an application encounters a fatal protocol error...

EulerOS Virtualization 2.5.3 : openssl (EulerOS-SA-2019-1267)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use...

EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1145)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the...

RapidRepoPull - Tool To Quickly Pull And Install Repos From A List

Description This program uses Python to clone/maintain multiple security related repos using threading and multiprocessing Goal The goal of this program is to quickly pull and install repos from its list Use cases Quickly install your favorite Security repos on a new system Kick off multiple...

openssl security update

CentOS Errata and Security Advisory CESA-2019:0483 An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...