This Metasploit module exploits a directory traversal in F5's BIG-IP Traffic Management User Interface (TMUI) to upload a shell script and execute it as the root user.
b44d37fd43f21d22264736cf20b07fbb9f84fe54d9af05cc6f7d295d6faf7c6a
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
d88af1307f1fefac79aa4f2f524699478d69ce15a857cf2d0a90ac6bf2a50009
Red Hat Security Advisory 2020-2863-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
837191484782a05b314c701e73e9f52193d230d353fdf9841c1a8ce8fb2dd36a
Red Hat Security Advisory 2020-2861-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include cross site scripting, denial of service, and server-side request forgery vulnerabilities.
7d96fd5847793a13da10d62cd136d2c69b8b82bb97c74d6b0116ab9d53ef6f3e
Red Hat Security Advisory 2020-2864-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a resource exhaustion vulnerability.
c2a59387431dac2f55c6e38414588e80c837589e0e7022c305e721290d399cfa
Applebot/0.1 does not fully obey robots.txt as it interprets allow entries for Googlebot as implied permission for Applebot.
78ae053c4168117e295b49f3d21f45583932d75f34e82ed990e26f77540f353c
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. The GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, the GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading a file, listing a directory, etc. The GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides a web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.
3232771035cbd0580621c3e72dee06ff39416a505e07281e82a2d72191e1bb05
MikroTik RouterOS versions prior to stable 6.47 suffer from multiple null pointer dereference vulnerabilities and one division-by-zero vulnerability.
f62eaf7184c39f0e8b90c063e78e3e3b83c3de4f01b45d8555571c1e7818d1df
Various CDATA OLTs suffer from backdoor access with telnet, credential leaks, shell escape with root privileges, denial of service, and weak encryption algorithm vulnerabilities.
25ead8b8d6facee2b0e679c6d68a14a89d0c99b0b24923b75e4317730748e5e6
Ubuntu Security Notice 4420-1 - David Hill and Eric Harney discovered that Cinder and os-brick incorrectly handled ScaleIO backend credentials. An attacker could possibly use this issue to expose sensitive information.
9a5516719a6cd852208a09ce2e0c2fd9d5336c70a47a3ec7616bd35bbd6b1f26
Red Hat Security Advisory 2020-2854-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include denial of service, memory leak, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
88b10b591e7d9aa17f5a3f9a69794ba0c6e72031e7fea8f23b71c9502215f507
Red Hat Security Advisory 2020-2842-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Sampling issues were addressed.
13302dd0c178464aac1f730807510e7ab758da54a598b4507ab47b17801c43c5
Red Hat Security Advisory 2020-2840-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include a file read vulnerability.
469268d94d9874f83794d1799a19f37aef89e17a5c24f2b64ccaa65b8bf4715e
Red Hat Security Advisory 2020-2846-01 - The gettext packages provide documentation for producing multi-lingual messages in programs, a set of conventions about how programs should be written, a runtime library, and a directory and file naming organization for the message catalogs. Issues addressed include a double free vulnerability.
abd78346ad688420cd8cfd177ae293b687744430001c8b706cc9bf2df1eac7a1
Red Hat Security Advisory 2020-2839-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
5d0415863a7ac6ac661eb3ddbe07e712d47dda455f58ec5fd3e138424ef84c8a
Red Hat Security Advisory 2020-2838-01 - The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Issues addressed include an out of bounds read vulnerability.
1d71ed1e890c2f1f1ddb63e40502c901cb735a62ea971317d50e72edebe3957c
Red Hat Security Advisory 2020-2844-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.
4999e4fd46f3504491e63ef0f0bc3cf682b401e214b56a282bbb6ccb74db88c2
Red Hat Security Advisory 2020-2833-01 - The K Desktop Environment is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment. Issues addressed include a code execution vulnerability.
cfe2f776112741a228438beaae6abbb11c05570959579901ea81fc916f2d8906
Red Hat Security Advisory 2020-2835-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include an underflow vulnerability.
55475f2ac05404b0dbd6c71ae701acb5dd0454b103210a1d65fd0819888efc0c
Red Hat Security Advisory 2020-2851-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, memory leak, and use-after-free vulnerabilities.
f605c3a284c143f78a257a18fb53f755d5eb05795ee953c04511eef9931e7052
Red Hat Security Advisory 2020-2852-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
1e24609706569805264896389d47a50da4b931bded85681c1a9784b359ee9210
Red Hat Security Advisory 2020-2848-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
01d7c988d318715dd14781e26eec5cc619ac01728927cd50142b32f5c9df60c2
Online Shopping Portal version 3.1 suffers from a remote SQL injection vulnerability.
eb7ead273e51bd644d976e45b7406df9d8353310a7af6f726aca2a9b8ae31227
Red Hat Security Advisory 2020-2849-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
dc60f758491980ac3a11561215a4caff0c35e2289f85ed044b975b26538c56e1
Red Hat Security Advisory 2020-2847-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
e5f4967b448d97773a801b2e8a80c6460ccfb6a255a99ae1e1723bed68884dab