nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
9b45c12efd74856693c87adc001b0781499f828a68c8e2f07f3d4e78b5d06ebaUbuntu Security Notice 4524-1 - Paul Dreik discovered that TNEF incorrectly handled filenames. If a user were tricked into opening a specially crafted email attachment, an attacker could possibly use this issue to write arbitrary files to the filesystem or cause TNEF crash, resulting in a denial of service.
9dae4bef7f22d332fc118db9cc9179022b8d88ceeaedb2803a8459a640f9408bUbuntu Security Notice 4523-1 - It was discovered that LibOFX did not properly check for errors in certain situations, leading to a NULL pointer dereference. A remote attacker could use this issue to cause a denial of service attack.
a43e3929d71365b6f1a1afc08c4b951515675a96ee5bcc895a619d3a309afbfcSeat Reservation System version 1.0 suffers from an unauthenticated file upload vulnerability that allows for remote code execution.
f51980f4cdcbccbc7521c2a7dab9d0a487666c168a76426fc20232877e5f661bRed Hat Security Advisory 2020-3780-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
e9058870707c8054ebf0ed4d4fe08b29682f1db80e6c11bddeeeed76a3ecb5a4Ubuntu Security Notice 4522-1 - It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An attacker could use this issue to conduct cross-site scripting attacks.
5ae21e4984019a08972b1af6dcd3d7045a3453ee999b9508be4edcc8f21311a6Ubuntu Security Notice 4521-1 - It was discovered that pam_tacplus did not properly manage shared secrets if DEBUG loglevel and journald are used. A remote attacker could use this issue to expose sensitive information.
ccb6a3b4c4b8fe16bc4c03f405b9650af662bfa30fd1846b1c8c2121ef142839Mida eFramework version 2.9.0 suffers from having a backdoor access vulnerability.
86e2305e7a7f0d25c6dfbab6d4adb6739f2f26ffa8ef6c2b548172995425ddfbBlackCat CMS version 1.3.6 suffers from a cross site request forgery vulnerability.
b357b4740c79899cf76358887a76b53060714f53efb12a16879b0ef3a7d24388Seat Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
2befaf88792c81606e89b39a2185e4fea15c18b4589266da9acf985547878addOnline Shop Project version 1.0 suffers from a remote SQL injection vulnerability.
852fa5b6ad3034ff4cf495c78db5430ddb3965cbd5d7c83d76b84021759ebb6aThis Metasploit module exploits command injection vulnerabilities and an insecure default sudo configuration on VyOS versions 1.0.0 through 1.1.8 to execute arbitrary system commands as root. VyOS features a restricted-shell system shell intended for use by low privilege users with operator privileges. This module exploits a vulnerability in the telnet command to break out of the restricted shell, then uses sudo to exploit a command injection vulnerability in /opt/vyatta/bin/sudo-users/vyatta-show-lldp.pl to execute commands with root privileges. This module has been tested successfully on VyOS 1.1.8 amd64 and VyOS 1.0.0 i386.
b66d6e6dd1c51b3775727b717e6c2e5f0d992e14e7e7e85bf10477d801697f46Ubuntu Security Notice 4520-1 - It was discovered that Exim SpamAssassin does not properly handle configuration strings. An attacker could possibly use this issue to execute arbitrary code.
ab7d2b4e684b780d0359b05f76463bd983cde89a7a7466f98dfbf800fc604239B-swiss 3 Digital Signage System version 3.6.5 suffers from an authenticated arbitrary PHP code execution vulnerability. The vulnerability is caused due to the improper verification of uploaded files in index.php script thru the rec_poza POST parameter. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that will be stored in the /usr/users directory. Due to an undocumented and hidden maintenance account admin_m which has the highest privileges in the application, an attacker can use these hard-coded credentials to authenticate and use the vulnerable image upload functionality to execute code on the server.
81325cc43145d675e9565f4495143d5688fea28975fe4bdf5d8382c06d0f3b36ForensiTAppxService version 2.2.0.4 suffers from an unquoted service path vulnerability.
1a5f41445eaf06765a3f8b203b11dc30ee0c1de3a341210da9a8aa8e63d6770d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed