Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for the distribution, indexing, and analysis of the data generated during a security audit. The main purpose of Faraday is to re-use the tools available in the community and take advantage of them in a multiuser way.
13c2c92f9d427ac50f74688dd08838ac
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
e11cb37c83f2b1c1179aa293e1b53b81
Backdoor.Win32.Burbul.b malware suffers from bypass and man-in-the-middle vulnerabilities.
c78d63aa6aa039b11938e3036991d041
IRC-Worm.Win32.Silentium.a malware suffers from an insecure permissions vulnerability.
ea86c34c522a2e91ed94255670b2b1a8
Red Hat Security Advisory 2021-1050-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and memory leak vulnerabilities.
5ff8aca5506d26ec6be3fd12d445df48
Red Hat Security Advisory 2021-1051-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service and memory leak vulnerabilities.
0db1df594bd5aabba0243d259f43fb74
Gentoo Linux Security Advisory 202103-4 - A vulnerability in SQLite could lead to remote code execution. Versions less than 3.34.1 are affected.
f59bbf0f68384bc27dd0164f4bade7f9
Gentoo Linux Security Advisory 202103-3 - Multiple vulnerabilities have been found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.1.1k are affected.
07c6a7c57274c3e07d6e5c3532051d5e
DD-WRT 45723 UPNP buffer overflow proof of concept exploit.
17a62ea4aa2f2068dd9c6095863db4c2
Gentoo Linux Security Advisory 202103-2 - A vulnerability in Redis could lead to remote code execution. Versions less than 6.0.12 are affected.
af7622951971546dcb0d1a64641ed6ef
Gentoo Linux Security Advisory 202103-1 - Multiple vulnerabilities have been found in Salt, the worst of which could allow a remote attacker to execute arbitrary commands. Versions less than 3000.8 are affected.
0cd739c7c18a6d6fa64563d34a9ef065
CourseMS version 2.1 suffers from a persistent cross site scripting vulnerability.
c6d92d8ff1b03a63ccbba251393b4281
Ubuntu Security Notice 4898-1 - Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information. Mingtao Yang discovered that curl incorrectly handled session tickets when using an HTTPS proxy. A remote attacker in control of an HTTPS proxy could use this issue to bypass certificate checks and intercept communications. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. Various other issues were also addressed.
231654afdd07d6769fa7452e76aff9ab
Red Hat Security Advisory 2021-0943-01 - This release of Red Hat build of Eclipse Vert.x 4.0.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include an information leakage vulnerability.
5bf88be24268af1389deac22cd4f2316
Ubuntu Security Notice 4897-1 - Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a specially crafted file, a remote attacker could cause Pygments to hang or consume resources, resulting in a denial of service.
da06c873044e900cf790a50e5d2b52d1
Ubuntu Security Notice 4896-1 - It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting attacks.
c33ea5822b285f067c1e517b1590672f
Zabbix version 3.4.7 suffers from a persistent cross site scripting vulnerability.
9b37595af3105ebb1bdbfb86a4f60c5b
Red Hat Security Advisory 2021-0956-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.23. Issues addressed include a denial of service vulnerability.
193c56b7e8d512f05fd63a1c32499bbb
Red Hat Security Advisory 2021-1044-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management, and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.10.1 serves as an update to Red Hat Process Automation Manager 7.10.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
f7218a65d8a3b09a97d776ae7a13d45d
Red Hat Security Advisory 2021-1039-01 - MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. Issues addressed include a code execution vulnerability.
eb83999d1a898b79450166b0d99df7d9