Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
460f2d7205aed113f898df4947b1f66ccf8d080eec7dac229ef0b754c9ad6294
ntfs-3g mount helper in Ubuntu 16.04, 16.10, Debian 7, 8, and possibly 9 does not properly sanitize the environment when executing modprobe. This can be abused to load a kernel module and execute a binary payload as the root user.
2ca15f26f7b775b7c9e764235153327a7035b9b299e27a2b52603944e606c8c3
This Metasploit module exploits the default credentials of SolarWinds LEM. A menu system is encountered when the SSH service is accessed with the default username and password, which are "cmc" and "password". By exploiting a vulnerability that exists in the menuing script, an attacker can escape from the restricted shell. This Metasploit module was tested against SolarWinds LEM v6.3.1.
38c9a347de106f708a89c8ce2d154e8a0699cc4ed9c612954b9310a28b9b7379
Airwatch versions 6.1.x and 6.4.x suffer from an LDAP injection vulnerability.
de63a8e1e53104e08f13950e374edc66f2fd33fd0b373e7bbf041d5891287eb4
Avaya Radvision SCOPIA Desktop versions 7.7.000.042 and 8.2.101.046 suffer from a blind SQL injection vulnerability.
9df3a8763b4d5e5041c60ed04a57311756f2452722710236a1bec7035997445b
LanternCMS suffers from cross site scripting and remote SQL injection vulnerabilities.
10d7e8a5a9ae21aa469a8adb55db9076be8af353719bd4c575e7a05d73cca228
SilverStripe CMS version 3.1.9 suffers from a path disclosure vulnerability.
add33c249921191d92637723848b95bc133583d1c0e290741c752d7043e43c6d
SmartJobBoard version 5.0.9 suffers from cross site scripting and information disclosure vulnerabilities.
c79e0d8f6a1f8afcd1cdbe7ed6730c17027d52772fefbc91a7eebe1dc62521f4
Computer Associates API Gateway versions 7, 8, and 9 suffer from CRLF response splitting and directory traversal vulnerabilities.
c3dd3bb5978a20a8fe51af9fbf3170c7d9624fcb5b17a87073c4c2abded21d2b
ManageEngine Applications Manager versions 12 and 13 suffer from code execution, cross site scripting, XXE injection, and remote SQL injection vulnerabilities.
e1e13048508f4633fd462aa20cb03dbf93dfb087461802ac1eb799e30684ba4e
Kaseya VSA version 9.02.00.04 suffers from an information disclosure vulnerability.
5a59d2ffedded5fe54949dd29511e3205fb1e3caac953287dc781deab3742ac4
Trimble / Manhattan Software IWMS version 9.x suffers from an XML external entity injection vulnerability.
034d6c464fd8dfb280cc2231b57e61e57db6af0250f94c9a8ef2fd8e71db6e52
Tweek!DM Document Management suffers from bypass and remote SQL injection vulnerabilities.
990171f149c1422942f3130de220f72cd20ac33b6f5a833745b2d53902b4acdb
Inchoo Facebook Connect plugin suffers from a cross site scripting vulnerability.
3b57827980094611b40d59abdcc9cf5477a6100b8983ee3cadbc5ac782f744d0
Red Hat Security Advisory 2017-0869-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). Enhancement:
c7b5eaf57adbad1eed998d1a79c4920ea877082a5e42528c470ee450b22b4b7b
HPE Security Bulletin HPESBGN03721 1 - A potential vulnerability has been identified in HPE Operations Bridge Analytics. The vulnerability could be exploited to allow remote cross-site scripting (XSS). Revision 1 of this advisory.
cc75e14e24e91487e125a1a448e29db239a06453cf8b6d08d66d024f7d747e7e
AcoraCMS version 7.0.0.6 suffers from arbitrary browser redirect and cross site scripting vulnerabilities.
b87426ec9fff88fdce255750542faa9c5b3eef962346cece91f55d16975ad4b2
Kaseya VSA version 6.5.0.0 suffers from cross site scripting and brute forcing vulnerabilities.
7fe218cd1c415fe7ecf706fc430277ad0a16b68a9d7aa68e327097eb8897004b
Maian Survey version 1.1 suffers from a remote SQL injection vulnerability.
135643f1f5cf111b556e74c6a07c97400359b992d68b9de6fc965f8fcfe720c0
Maian Greetings version 2.1 suffers from a remote SQL injection vulnerability.
d3577d5114f7cfd0b2637e700cafa78f065d0f9ae7e24019f660d9ec472b7ce6
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
6c5472401d06527e87adcb53dd270f3c9b1fb688703b04dd7a7cfb86289efe52
Maian Uploader version 4.0 suffers from a remote SQL injection vulnerability.
c8fd181fafea3f932cda69cd7c8b127b538ab5ca638746c5e0c391c76b34c8ff
Apache Tomcat versions 6, 7, 8, and 9 suffer from an information disclosure vulnerability.
731c512de3b9572b0d268461b83f563c6dac151dc2be51647331b04ca2296ad2