Daily Expense Manager version 1.0 suffers from a cross-site request forgery vulnerability.
f8eed60508e8e9594b73d61a302fe23c508f6927f003f384139e0c5e65b7a940
Fortinet FortiRecorder versions 2.7.3 and below have a hardcoded password vulnerability.
3a6315c0671057bcf74ea761ef9ba1a63e3cd4c86918a3e6eeb31fa0a17f45d3
This repository contains several tools Project Zero uses to test iPhone messaging. It includes SmsSimulator: an SMS simulator for iPhone, iMessage: tools for sending and dumping iMessage messages, and imapiness: a fuzzer for IMAP clients. See the directory for each tool for further instructions and contact information. This is not an officially supported Google product. These tools were released and presented at BlackHat USA 2019.
fa8f560293640c4759f220069490d2498cf18f75ce1183b3ab8f77dd819585e5
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
40a44ec7924dab19c6d0954fee409b9bea68df405ef9074741f34bee18038923
Pre-authentication remote code execution exploit for insecure OCMod generation in OpenCart versions 3.0.3.2 and below.
aff700064927d5ac0527010e924dfb35a2658666867ef180d347026bd4dce7c2
Ubuntu Security Notice 4089-1 - It was discovered that Rack incorrectly handled carefully crafted requests. A remote attacker could use this issue to execute a cross-site scripting attack.
ca3a2542adb8b014e4980393a5037646cf859cb370907aa152998819b189f0d7
Red Hat Security Advisory 2019-2411-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
047d05f784457ec09bc3083cf9e694ae3aac8eded39bd2eb1e1ea51dff7ade8a
Ubuntu Security Notice 4088-1 - It was discovered that PHP incorrectly handled certain regular expressions. An attacker could possibly use this issue to expose sensitive information, cause a denial of service or execute arbitrary code.
dc28ef210c6e8c252367083a1a5c6515f27768aa4455ff5a3b255b7ce315d8d9
Red Hat Security Advisory 2019-2405-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
412c1c44ac3d87cbbad738856106f7406cb4301044d240cb7523bedeafb903e9
Red Hat Security Advisory 2019-2399-01 - The libssh2 packages provide a library that implements the SSH2 protocol. Issues addressed include an out-of-bounds write vulnerability.
2c7b52210a9dbb15c07cfe183bdc2bf24cf676d8726f61b8fe418f83c930eef9
Red Hat Security Advisory 2019-2403-01 - Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. A memory corruption vulnerability was addressed.
35303eabbc088f2190b4762e166886d8f4f9268c4f463ef28dac774e3542a38a
Red Hat Security Advisory 2019-2401-01 - The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Issues addressed include a heap overflow vulnerability.
47ae16696b0e5b96efbdda51cb748fdbfd8d87e31974ac412038d46d7eda2b73
Red Hat Security Advisory 2019-2402-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Stack overflow vulnerabilities have been addressed.
acea42bd46edaf2078173eb391f758e7695ba32e4216ac70d687b67255ff6bae
Red Hat Security Advisory 2019-2400-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.
40cb0438d7e5583476efd1460c7ad022ae9f70b85d61b6f7f310bd1aa53ba633
Red Hat Security Advisory 2019-2002-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.
a78e39b8347f82c5deda449c03eef68970092376c58c9981e797979baea0b685
WordPress JoomSport plugin version 3.3 suffers from a remote SQL injection vulnerability.
8086b0c85c73e5f8bf6d357e49fd9f003ace61f16398d977655fe43de8072198