sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
2cf861c9b8c1bb794e051ff201d9c9e0c81bc17f9821ffc856db56a3302c7030
Ubuntu Security Notice 4350-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.80 in Ubuntu 19.10 and Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.30. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
3386b2168d314b3a928a3eb905b14a24788ffa6250c63ce4488b8fedd8e8efef
Red Hat Security Advisory 2020-1938-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
ae21ee7345ead503667084191915de255f07cc2d4ef5b24835fa6e2ef33aa755
Red Hat Security Advisory 2020-1942-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
01bb661609ab3192817a701ca49ad0b08d1a38fc2378e40661a1dcdc6bb6b61f
File Explorer for iOS version 1.4 suffers from an access bypass vulnerability.
3271d0317f2dc249ade02aac72b68c9f5748f74b70b7eda653e0c48251f37f3a
Red Hat Security Advisory 2020-1939-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
c9565bdfba88f692738404acbafec25048c9fa9adcb44d1910d5c843c6dda49a
Whitepaper called Blind CreateRemoteThread Privilege Escalation.
0feaebddbfb162c2e4fd17749e74b69abeec8f569844a263547f50f9947215fa
Red Hat Security Advisory 2020-1940-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.
5c8286026161834150bc224ae569c7f9918c61f720077ef24af660e965df2b83
Red Hat Security Advisory 2020-1937-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.
2d0f50b11ebb3854f22682e25046044243c2723e8d72c93194a4ce7e1900d354
addressbook version 9.0.0.1 suffers from a remote SQL injection vulnerability.
8ac0abb38b1288213f725535667d465f6e94582a3f08bdc804bb553ebdc37462
sshprank is a fast SSH mass-scanner, login cracker, and banner grabber tool using the python-masscan and shodan modules.
ea08d0e4f4164e6fd9822fd5ed584fc0dd742e9421304229114a46a212120777
Frigate version 3.36 SEH buffer overflow exploit that pops a calculator.
df825190b7321f1a1ac767d98ca534544e84ab26ed639bbd5fe26d466a1b81ad
Red Hat Security Advisory 2020-1936-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include HTTP request smuggling and out of bounds write vulnerabilities.
fec2b23d766320c1d0b7efd5dd4b407e4b9b62bf6a60ee9745bb96b892b789c1
Outline Service version 1.3.3 suffers from an unquoted service path vulnerability.
eaf47c0bdb149a85b4d5355adde8ce98d41458b8a5c33c8c7bb0ad5549d7e607
This Metasploit module exploits a .NET deserialization vulnerability in the Veeam ONE Agent before the hotfix versions 9.5.5.4587 and 10.0.1.750 in the 9 and 10 release lines. Specifically, the module targets the HandshakeResult() method used by the Agent. By inducing a failure in the handshake, the Agent will deserialize untrusted data. Tested against the pre-patched release of 10.0.0.750. Note that Veeam continues to distribute this version but with the patch pre-applied.
3a39658bf47262748661ca7044fe2e5486e6651dbbd2393cc015ff567bd9335a
This Metasploit module is an exploit that takes advantage of xglance-bin, part of HP's Glance (or Performance Monitoring) version 11 and subsequent, which was compiled with an insecure RPATH option. The RPATH includes a relative path to -L/lib64/ which can be controlled by a user. Creating libraries in this location will result in an escalation of privileges to root.
d8c4bb35d621bfc8cf65e13632145031a44e20cc02cc3e3045d3ba14a00ed48b
BoltWire version 6.03 suffers from a local file inclusion vulnerability.
5bccddcdf955aa9e8c8ca3bf0f7f17107851ff49aa2ae6656444a81d38391290
Fishing Reservation System suffers from multiple remote SQL injection vulnerabilities.
1c6c9d0518b087691bff33c382ebf63f0bc0d5838e771248f0498000b14bd817