Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
90404f393e1aa6c6fafeef71235bc634ebdb281bf5d4657ebbf60628cfae95ff
Cisco AnyConnect Secure Mobility Client for Windows version 4.8.01090 suffers from a privilege escalation vulnerability due to insecure handling of path names.
8ee614424eee5c4644b331ca89e2c2afc6470c9c8941cb5e0f7d3280686ef76c
QRadar Community Edition version 7.3.1.6 has a path traversal vulnerability in the session validation functionality. In particular, the vulnerability is present in the part that handles session tokens (UUIDs). QRadar fails to validate whether the user-supplied token is in the correct format. Using path traversal, it is possible for authenticated users to impersonate other users and also to execute arbitrary code (via Java deserialization). The code will be executed with the privileges of the Tomcat system user.
d0089d965548cc9ad0cf3335b0445c8f608d84826c153acdf719f7a4d672de9a
QRadar Community Edition version 7.3.1.6 suffers from an authorization bypass vulnerability.
eaefd76762cac1aef9a9ba909eae0231fa2f6033f281a8d3c45881d26db41f86
QRadar Community Edition version 7.3.1.6 is vulnerable to instantiation of arbitrary objects based on user-supplied input. An authenticated attacker can abuse this to perform various types of attacks including server-side request forgery and (potentially) arbitrary execution of code.
79acda4a95f3ff77796484c45f9a5e4263e1e7678990f7cefeb06fe52b21e965
QRadar Community Edition version 7.3.1.6 suffers from a PHP object injection vulnerability.
f3ead7ab6cd9ff80673ed0eb62aee04ea3cf3ec0b0842fbda2123d7595ae9847
QRadar Community Edition version 7.3.1.6 suffers from a local privilege escalation due to insecure file permissions with run-result-reader.sh.
715d99b55d854b8fb9614afe2a7874cfe20587ea62fbe0dc00f243f7d7096d49
QRadar Community Edition version 7.3.1.6 suffers from a reflective cross site scripting vulnerability in the Forensics link analysis page.
de763810bd2f7fcedfeb5bef3c398e9153a25a188ec90a611064997aac9a057b
Red Hat Security Advisory 2020-1513-01 - Git is a distributed revision control system with a decentralized architecture. A credential leak vulnerability has been addressed.
c4caf637667ce99c4f0bd3337c845778695775264de1fe4ea35bc47925161cf4
Red Hat Security Advisory 2020-1518-01 - Git is a distributed revision control system with a decentralized architecture. A credential leak vulnerability has been addressed.
b1e3d6080cfa1645a6b7c274fe2026fefe3426f7b2a1a3724f1fcf04cfd1d6a1
Red Hat Security Advisory 2020-1514-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities.
d480ff02e34872a8c5d2a5061c4987a074dbf37d7dbc240fa7395c14b831c7ac
QRadar Community Edition version 7.3.1.6 suffers from cross site request forgery and weak access control vulnerabilities.
1caf5adfef98f5b24c0b2fa37febb95cb109d5510d52d085c81c9c3de940faf4
QRadar Community Edition version 7.3.1.6 has an issue where the RssFeedItem class of the QRadar web application is used to fetch and parse RSS feeds. No validation is performed on the user-supplied RSS feed URL. Due to the lack of URL validation (whitelisting), it is possible for authenticated attackers to execute Server-Side Request Forgery attacks. Using this issue it is possible to call the Apache Axis AdminService webservice in order to execute arbitrary code with the privileges of the Tomcat user.
c78ec41b4d8e07a1a88990b1959fd41ff5c7e8f2a7dc9c0d3bc5f59588faaa55
QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. Using this default password it is possible to download configuration sets containing sensitive information, including (encrypted) credentials and host tokens. With these host tokens it is possible to access other parts of QRadar.
7b24d2b362e3b645c36d7e340f45ee8ed555752f025a186acb8909e63ea7536d
Ubuntu Security Notice 4333-1 - It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service.
1967c18bd3169d4327564565e9b7b0b2a4f936862d568280504cb0802ebca14f
Sky File version 2.1.0 for iOS suffers from cross site scripting and directory traversal vulnerabilities.
1da9b3cb23fa8817040ca9fb3d24cdce84e94c7dadc69c2868cb4c0eed9a1022
Mahara version 19.10.2 suffers from a persistent cross site scripting vulnerability.
94fed8e7464056469688c0e2040d40c4ab132e55edc8127c1fa0f1a3a10d8632
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46
The haproxy hpack implementation in hpack-tbl.c handles 0-length HTTP headers incorrectly. This can lead to a fully controlled relative out-of-bounds write when processing a malicious HTTP2 request (or response).
6313a8193a04a7546984327f36401b3e595cd897bef3968ddef00a3d7d80f2c5
Red Hat Security Advisory 2020-1523-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Various serialization issues have been addressed.
85cc23fbad7d6bfd857fc2345aa818a2fbef4a4b3d09f16cbfca7af55e5e1414
Neowise CarbonFTP version 1.4 suffers from an insecure proprietary password encryption implementation. This is the second version of this exploit, updated to work with Python 3.
85cb5f2e3f8cc5c5c6046d113ad20c3b308549088088cf06664f3bfe93538150
Ubuntu Security Notice 4334-1 - Carlo Arenas discovered that Git incorrectly handled certain URLs containing newlines, empty hosts, or lacking a scheme. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host.
820190f1fd2e16e5268a49e7f0499598d94db513cb8eb95a3b7797b7f8419fb0
Red Hat Security Advisory 2020-1512-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities.
9664c0aa12f56daa3f3af98d57823537d9c851d3dcc8b1eed8523f97a35365c4
P5 FNIP-8x16A / FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from cross site request forgery and cross site scripting vulnerabilities.
37dc134c292cda2331964baf8467bdf49fc496b2b3f1b9cc5c262880a403124f
Red Hat Security Advisory 2020-1509-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities.
e025cacebd2c8340f3adefc56b8e0018387c6cff6ed221a7c5ef90a58afb90de