Ubuntu Security Notice 3616-2 - USN-3616-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Python Crypto incorrectly generated ElGamal key parameters. A remote attacker could possibly use this issue to obtain sensitive information. Various other issues were also addressed.
The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens, attackers are able to gain unauthenticated remote code execution on the web server. Versions prior to 9.9.5, prior to 10.1, and 10.1 are affected.
KYOCERA Multi-Set Template Editor version 3.4.0906 suffers from an out-of-band XML external entity injection vulnerability.
Gentoo Linux Security Advisory 201804-9 - A vulnerability in SPICE VDAgent could allow local attackers to execute arbitrary commands. Versions prior to 0.17.0_p20180319 are affected.
WordPress Simple Fields plugin versions 0.2 through 0.3.5 suffer from file inclusion and remote code execution vulnerabilities.
WolfCMS 0.8.3.1 suffers from an open redirect vulnerability.
Gentoo Linux Security Advisory 201804-8 - Multiple vulnerabilities have been found in QEMU, the worst of which may allow an attacker to execute arbitrary code. Versions less than 2.11.1-r1 are affected.
MyBB Recent Threads On Index plugin version 17.0 suffers from a cross site scripting vulnerability.
KYOCERA Net Admin version 3.4.0906 suffers from a cross site request forgery vulnerability.
KYOCERA Net Admin version 3.4.0906 suffers from a cross site scripting vulnerability.
Gentoo Linux Security Advisory 201804-7 - Multiple vulnerabilities have been discovered in libvirt, the worst of which may result in the execution of arbitrary commands. Versions less than 4.1.0 are affected.
Gentoo Linux Security Advisory 201804-6 - Multiple vulnerabilities were discovered in mailx, the worst of which may allow a remote attacker to execute arbitrary commands. Versions less than 8.1.2.20160123 are affected.
This is a script to perform SSH/SSL RSA private key passphrase enumeration with a dictionary attack.
CyberArk Password Vault versions prior to 9.7 and 10 suffer from a memory disclosure vulnerability.
GoldWave version 5.70 SEH unicode local buffer overflow exploit.
H2 Database suffers from an alias related arbitrary code execution vulnerability.
Yahei PHP Prober version 0.4.7 suffers from a cross site scripting vulnerability.
WP Live Chat Support version 8.0.05 suffers from a cross site scripting vulnerability.
Buddypress Xprofile Custom Fields Type version 2.6.3 suffers from a remote code execution vulnerability.
Cobub Razor version 0.7.2 bypass exploit that adds a new superuser account without authentication.
testssl.sh is a free command line tool that checks a server's service on any port for support of TLS/SSL ciphers and protocols, as well as recent cryptographic flaws, and much more. It is written in pure bash and uses only standard Unix utilities, openssl, and bash sockets.