Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexing and analysis of the data generated during a security audit. The main purpose of Faraday is to re-use the tools available in the community and take advantage of them in a multiuser way.
ebdc5e55d3ddb75e805e16f7f15ec82c6fbf3f0bbc5e9b5df8c6c8290f0dc6c3
FreeRadius versions 3.0.19 and below suffer from a privilege escalation vulnerability via insecure logrotate use.
b1530adb048264dc55962092b5838c2dd92892b9cb06e495e7eec72711ab01ef
Raritan CommandCenter Secure Gateway versions prior to 8.0.0 suffer from a cross site scripting vulnerability.
fb82d6a6a5fcfdb0c98c5ca5755246bc0e4e73ea60db5fe5cfd714ae4a41030d
Raritan CommandCenter Secure Gateway versions prior to 8.0.0 suffer from an XML external entity injection vulnerability. A remote unauthenticated attacker may use this vulnerability to cause disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
d36bb1d62f7027f3eb89783eaa7976f6ef38f3f825ebed9433772ee4d2a64e59
TP-Link Archer VR300 version 1 suffers from a persistent cross site scripting vulnerability.
d755fac29b30e955d8e053dc02aa5c6042f6a62b5bc904c57f5242de99873035
WordPress Social Gallery plugin version 1.0 suffers from a remote code execution vulnerability.
bbe844100afc7fc347c3541effe85c9a4537bc9b409cfe30a235d907352a6c5e
The c0c0n 2020 Middle East call for papers has been announced. It will take place June 15th through the 18th, 2020 at the St. Regis in Abu Dhabi.
be01899210382405d9d5da8b0e0fed33327e4fd0108067490e6f176ae60e4cec
Centraleyezer suffers from a remote shell upload vulnerability.
bc09fddb5d076496f0d59495eef17f0532cc279c9de1f6f8b7f3efba56124ba8
Kamerka is an OSINT tool that builds an interactive map of cameras, printers, tweets, and photos leveraging Flickr, Instagram, Shodan, and Twitter.
88a3fe6de6a1c3017fe9a78646ade0fa944a4da08f3a6ef686ccd4fc0f5c708a
iOS suffers from a sandbox escape vulnerability due to an integer overflow in mediaserverd.
2b4a9f24dc9fb9fa02db02c8a4e93a710241e3d12f49d9ae097344a6df912908
Red Hat Security Advisory 2019-3892-01 - This release of Red Hat Fuse 7.5.0 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, information leakage, and traversal vulnerabilities.
d033b077fbe5857e973c9773a4c3ebbcdddde8391b77c6d861aa36baf37bde9f
Ubuntu Security Notice 4194-1 - Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges.
49e9162083c95fde49d6cabf5e1324a20ce51e5f237f4ac4b89994beb11fc306
Red Hat Security Advisory 2019-3890-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.
58ec058b8047ee0b0d0f8f0f056d3b3821ac2c69406e95aed3edae8d848446a2
Ubuntu Security Notice 4193-1 - Paul Manfred and Lukas Schauer discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.
e4b5e355b02180c8af5057b89aa4d74148e0c2a725d6ea57faf2278975e06a71
Red Hat Security Advisory 2019-3888-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.
0bc732a6ed8b9ae3ced97fe444effa027c0a0845e450e26198df2d74b5a0b169
Red Hat Security Advisory 2019-3889-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write vulnerability was addressed.
84f73c26bb629a1bbaeb8cd241c7633beff29735b63cd8382c4bd754a003a7d0
Red Hat Security Advisory 2019-3887-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. An arbitrary kernel memory write vulnerability was addressed.
9ab632ed83bbabd23d67d2fd5c9c984382c8bc06cc07fd1d01578bb99eb07cd0
Shrew Soft VPN Client version 2.2.2 suffers from an unquoted service path vulnerability.
135678976944a39c4dbe26959a6578f3305757c2dd1d93b888dd1b35cd1aa468