Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
0c10f12b424a40ee19bde00292098e201d7498535c062d8d5b586d07861a54b5Red Hat Security Advisory 2020-1333-01 - KornShell is a Unix shell developed by AT+T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.
96a067fecec2836eda0cd5e4a2232e9531620efb5ceff259de1c772e98d0635dRed Hat Security Advisory 2020-1331-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.
9c2d6de70096e4467df16fcc53798f10415f39563c73878bb87493b2fd999da8Red Hat Security Advisory 2020-1332-01 - KornShell is a Unix shell developed by AT+T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard. A code injection vulnerability has been addressed.
e5c75d600477e9b087450bb8699274001aaf564423f0cf307cdd74fd71e23e04Red Hat Security Advisory 2020-1326-01 - OpenStack Shared Filesystem Service provides services to manage network filesystems for use by Virtual Machine instances.
11a6b8d6484baac8b5d9e5a85525daa85a40457604e5a6d7e06a9f1c6e7d3628The Windows "net use" network logon type-3 command does not prompt for authentication when the built-in Administrator account is enabled and both remote and originating systems suffer from password reuse. This also works as "standard" user but unfortunately we do not gain high integrity privileges. However, it opens the door and increases the attack surface if the box we laterally move to has other vulnerabilities present.
951dfb35f9a363b5e914b804355769c12f596ba4c1d0f4de84c1869765e684c7LimeSurvey version 4.1.11 suffers from a Survey Groups persistent cross site scripting vulnerability.
df3e45472fe0c92c7d67f5d5dc0037bf3764a1c3defb70f0ed668401e0954839This Metasploit module exploits command injection vulnerability in v-list-user-backups bash script file. Low privileged authenticated users can execute arbitrary commands under the context of the root user. An authenticated attacker with a low privileges can inject a payload in the file name starts with dot. During the user backup process, this file name will be evaluated by the v-user-backup bash scripts. As result of that backup process, when an attacker try to list existing backups injected payload will be executed.
c994018871aaf2d9fb2b0d77fe7087abdbe4671491c2b25721371a3f880b91c3A vulnerability exists within the Microsoft Server Message Block 3.1.1 (SMBv3) protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe.
b897523218de261b528a25b48e985e91f958585e7ae9753a0c897e339abe8503Red Hat Security Advisory 2020-1334-01 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. An arbitrary code execution vulnerability was addressed.
664967439d5ea282c0facd49a014ec94aae3d32598048bc134f5f999ecb7b541This Metasploit module exploits a vulnerability found in Pandora FMS 7.0NG and lower. net_tools.php in Pandora FMS 7.0NG allows remote attackers to execute arbitrary OS commands.
13c1b77ffe29ebb14e76ff947c09afeab3c3fd57df6d696dbd84ba9e2f67037aThis Metasploit module exploits a preauth Server-Side Template Injection vulnerability that leads to remote code execution in PlaySMS before version 1.4.3. This issue is caused by double processing a server-side template with a custom PHP template system called TPL which is used in the PlaySMS template engine at src/Playsms/Tpl.php:_compile(). The vulnerability is triggered when an attacker supplied username with a malicious payload is submitted. This malicious payload is then stored in a TPL template which when rendered a second time, results in code execution.
69a0f4388bcdfe1db7116c0d2b6663a925f860d9e3598da1d2bb51cf94a6700fRed Hat Security Advisory 2020-1335-01 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. An arbitrary code execution vulnerability was addressed.
daffcb8a8a981a2595f69a4544cfb3ea934971af45e409786b6a746d3888420apfSense version 2.4.4-P3 suffers from a User Manager persistent cross site scripting vulnerability.
57226099c9505a4e67a7f8bfe20c56ced5e7cde849785f5bc51e18f02ff9ce95Red Hat Security Advisory 2020-1325-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include code execution and denial of service vulnerabilities.
2f2f2c53d6e250b07b121b76a0eea7a5ad19925d05d681c49010a07858fc5ae9Bolt CMS version 3.7.0 suffers from an authenticated remote code execution vulnerability.
262facd2f0fdd5ed141e29f22bdab6b54fd025b952333424aa8f80d8ee4f027bRed Hat Security Advisory 2020-1324-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.
2fc65aca7c721672bcd1ad2728442682f05f53d75519f7b999663f63ac6bc6a1Vanguard version 2.1 suffers from multiple cross site scripting vulnerabilities.
412220fc7032057c7d49d6ef7f42fe0b1716b9c7acfcba5cfba057b964babba3Ubuntu Security Notice 4317-1 - Two use-after-free bugs were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit these to cause a denial of service or execute arbitrary code.
3e2811d98dc9c78447f83a763155fcf9a8fa92184d344a3cab387e46b48406a5WhatsApp Desktop version 0.3.9308 suffers from a persistent cross site scripting vulnerability.
92e40eb6061e659675b76d4c9cead134b84c467d9f33ed0ad867dc0747766250Red Hat Security Advisory 2020-1318-01 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. An arbitrary code execution vulnerability was addressed.
c3d3ec7c19475a1f897e35db7cf184c0aaa07c04d3792ea6e0a641c209511cb8ZOC Terminal version 7.25.5 denial of service proof of concept exploit.
eb34fa7ef3c85a78edef17c5107b089eb67b15aa017a717797cb4860b84b689dGentoo Linux Security Advisory 202004-7 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 74.0.1 are affected.
26f53858b2614b7136c16e5f94b7e35cbd4b1cb1d731a19bd92ebd9d6c74a7e2SpotAuditor version 5.3.4 Name denial of service proof of concept exploit.
09a5b735887185b6a509049de0e85788ec88270c9b144dee181d67f755393c3dRed Hat Security Advisory 2020-1317-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include an integer overflow vulnerability.
d509e833181bbffeb5a19b451618f05e84a3a9b6dd2ac563e58c9f98f4194944
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed