nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
9b45c12efd74856693c87adc001b0781499f828a68c8e2f07f3d4e78b5d06eba
Ubuntu Security Notice 4524-1 - Paul Dreik discovered that TNEF incorrectly handled filenames. If a user were tricked into opening a specially crafted email attachment, an attacker could possibly use this issue to write arbitrary files to the filesystem or cause TNEF crash, resulting in a denial of service.
9dae4bef7f22d332fc118db9cc9179022b8d88ceeaedb2803a8459a640f9408b
Ubuntu Security Notice 4523-1 - It was discovered that LibOFX did not properly check for errors in certain situations, leading to a NULL pointer dereference. A remote attacker could use this issue to cause a denial of service attack.
a43e3929d71365b6f1a1afc08c4b951515675a96ee5bcc895a619d3a309afbfc
Seat Reservation System version 1.0 suffers from an unauthenticated file upload vulnerability that allows for remote code execution.
f51980f4cdcbccbc7521c2a7dab9d0a487666c168a76426fc20232877e5f661b
Red Hat Security Advisory 2020-3780-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
e9058870707c8054ebf0ed4d4fe08b29682f1db80e6c11bddeeeed76a3ecb5a4
Ubuntu Security Notice 4522-1 - It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An attacker could use this issue to conduct cross-site scripting attacks.
5ae21e4984019a08972b1af6dcd3d7045a3453ee999b9508be4edcc8f21311a6
Ubuntu Security Notice 4521-1 - It was discovered that pam_tacplus did not properly manage shared secrets if DEBUG loglevel and journald are used. A remote attacker could use this issue to expose sensitive information.
ccb6a3b4c4b8fe16bc4c03f405b9650af662bfa30fd1846b1c8c2121ef142839
Mida eFramework version 2.9.0 suffers from having a backdoor access vulnerability.
86e2305e7a7f0d25c6dfbab6d4adb6739f2f26ffa8ef6c2b548172995425ddfb
BlackCat CMS version 1.3.6 suffers from a cross site request forgery vulnerability.
b357b4740c79899cf76358887a76b53060714f53efb12a16879b0ef3a7d24388
Seat Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
2befaf88792c81606e89b39a2185e4fea15c18b4589266da9acf985547878add
Online Shop Project version 1.0 suffers from a remote SQL injection vulnerability.
852fa5b6ad3034ff4cf495c78db5430ddb3965cbd5d7c83d76b84021759ebb6a
This Metasploit module exploits command injection vulnerabilities and an insecure default sudo configuration on VyOS versions 1.0.0 through 1.1.8 to execute arbitrary system commands as root. VyOS features a restricted-shell system shell intended for use by low privilege users with operator privileges. This module exploits a vulnerability in the telnet command to break out of the restricted shell, then uses sudo to exploit a command injection vulnerability in /opt/vyatta/bin/sudo-users/vyatta-show-lldp.pl to execute commands with root privileges. This module has been tested successfully on VyOS 1.1.8 amd64 and VyOS 1.0.0 i386.
b66d6e6dd1c51b3775727b717e6c2e5f0d992e14e7e7e85bf10477d801697f46
Ubuntu Security Notice 4520-1 - It was discovered that Exim SpamAssassin does not properly handle configuration strings. An attacker could possibly use this issue to execute arbitrary code.
ab7d2b4e684b780d0359b05f76463bd983cde89a7a7466f98dfbf800fc604239
B-swiss 3 Digital Signage System version 3.6.5 suffers from an authenticated arbitrary PHP code execution vulnerability. The vulnerability is caused due to the improper verification of uploaded files in index.php script thru the rec_poza POST parameter. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that will be stored in the /usr/users directory. Due to an undocumented and hidden maintenance account admin_m which has the highest privileges in the application, an attacker can use these hard-coded credentials to authenticate and use the vulnerable image upload functionality to execute code on the server.
81325cc43145d675e9565f4495143d5688fea28975fe4bdf5d8382c06d0f3b36
ForensiTAppxService version 2.2.0.4 suffers from an unquoted service path vulnerability.
1a5f41445eaf06765a3f8b203b11dc30ee0c1de3a341210da9a8aa8e63d6770d