testssl.sh is a free command-line tool that checks a server's service on any port for support of TLS/SSL ciphers and protocols, as well as recent cryptographic flaws, and much more. It is written in pure bash and uses only standard Unix utilities, openssl and, last but not least, bash sockets.
70f00460fab958f2f607e805b46a05db0fd288009d6b94b3db97f3ae2f412612
This Metasploit module has been tested on a Wemo-enabled Crock-Pot, but other Wemo devices are known to be affected, albeit on a different RPORT (49153).
313030894a5a2f95690cc02bc8dcac3485b44c43cb7d61a2f727c2e2876c4867
FaceTime suffers from a memory corruption vulnerability in texture processing.
456e0d893dd3df1abb1fe038f7897df89ba3cdd6079859c0904cf3a92f19a6ea
Microsoft Edge has an issue where the default Flash click2play whitelist is insecure.
b67a708bf7118de58f25eedb37a2a8891d000105b033f1e3397bcf8d54354a2a
On Android, a ptrace hold makes the seccomp filter useless on devices whose kernel version is lower than 4.8.
3e453d8a0b66eabf3fb14496e3b956eb35595602fa7cd46eabc06f12c2f17e88
Red Hat Security Advisory 2019-0373-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.5.1 ESR. Issues addressed include integer overflow and use-after-free vulnerabilities.
d9e619b1d1cfe086dd5ea0a1600b42ab8ccd0f1e5d123f8460a10ba9333849e7
Red Hat Security Advisory 2019-0380-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.6 serves as a replacement for Red Hat Single Sign-On 7.2.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.
32aad9996df6400db8adadb3fa8c9c6302bbd9bc31c388eac459b86318d6202a
MaxxAudio Drivers WavesSysSvc64.exe version 1.6.2.0 suffers from a file permission privilege escalation vulnerability that results in SYSTEM level access.
72acdde174438eb054a35431880ce052ad4a8290bb3ba6a600028ee487a2cb42
Typo3 CMS Shop System tt_products version 2.9.4 suffers from a remote SQL injection vulnerability.
a1087c356603521371568f7a148ffcb60f4c8f7eb34cf5f93acacc890aab581e
This write-up contains details on how to perform remote code execution within Jenkins.
b2778c5909b5caa4600f203d2cb9e206f951f241ec4064260b0def5b6e79e4f2
Webiness Inventory version 2.3 suffers from an arbitrary file upload vulnerability.
6a948a73f6a62c627c29bebbebdd3b8689ed5297ffbfd18a4154c4f41d07a5d7
Typo3 CMS T3 EasyEvent tx_easyevent_pi1 version 0.37.3 suffers from a remote SQL injection vulnerability.
889c82d58908360a61314b3731f19568106fc3353a3fda8746ce1d07faa858ca
WordPress WooCommerce plugin with GloBee cryptocurrency payment gateway versions 1.1.1 and below suffer from payment bypass and unauthorized order status spoofing vulnerabilities.
5d41f3beb23e6475cdb7f79063b3b7f3607b789d08d102a39383c4596a176c61
Typo3 CMS Realty Manager tx_realty_pi1 version 2.0.0 suffers from database disclosure and remote SQL injection vulnerabilities.
955e4364b2d9b82802bb5d368c70f1c178902350074dc7ba2ed1bda4f172d4d9
Zoho ManageEngine ServiceDesk Plus (SDP) versions prior to 10.0 build 10012 suffer from an arbitrary file upload vulnerability.
e370325c125ed93cabb906e3e837c2afb415d355b1cb2e06e3d4ed6f06c3a997
Typo3 CMS Commerce DAM connector tx_commerce_pi1 version 0.1.0 suffers from a remote SQL injection vulnerability.
c8ac79b68913600e9ffec2902b0158dc3076a94264333ec4186ceed17be51e71
Zoho ManageEngine Netflow Analyzer Professional version 7.0.0.2 suffers from cross site scripting and path traversal vulnerabilities.
375cc946706082f7dd87ef6af82f28e81c81990350ca6091127e6c8353ff8890
XAMPP version 5.6.8 suffers from cross site scripting and remote SQL injection vulnerabilities.
aee21c0f747793895d521255fb087042b76b5acfe5559a745fee582d264300ed
NetSetMan version 4.7.1 suffers from a denial of service vulnerability.
cfa6c27ee559599406430d937b5de097c39d775e84725051356f77365875f7bd
Typo3 Calendar Base tx_pxkalender_pi1 version 2.0.0 suffers from database disclosure and remote SQL injection vulnerabilities.
1f9daf88907eee3c3a1ddccb5ff483e2428554dcf439d16e709216f109eb9103
Typo3 CMS BrowserMaps Leaflet Tutorial tx_browser_pi1 version 8.0.39 suffers from a remote SQL injection vulnerability.
913c6640099821a90fb77fa429fc34ea1e1399873a5f4e37967c5150eedd565a
Joomla JWallPapers component version 2.0.1 suffers from cross site request forgery and remote shell upload vulnerabilities.
c0733beafdc727b5294813e2e75d2f0db04438cc89472d568a0b915c661ca582
eDirectory suffers from file disclosure and remote SQL injection vulnerabilities.
2fb5f367cc11194092b3265a40beff727abcae4d0d02be2925e3340e5ec98687
BulletProof FTP Server version 2019.0.0.50 suffers from a denial of service vulnerability.
2a43584f12399c92954b03bc94e5188e397c5c3d32426a31e1f5bde211baefca
Valentina Studio version 9.0.4 suffers from a denial of service vulnerability.
12ced74f01f99e335da155854038f1b957286c2e50e278eb863e967fa9f45d27