OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
2951ebc2a3e9a03333618ceda7fe2c00e16f880255d3d4f48068cd8164715944
Buffalo TeraStation TS-Series with firmware versions 1.5.7 and below suffer from file disclosure and command injection vulnerabilities.
a1a174bf53968f44a8d76eb7f7bf2481d5306ead2f09c68a726696b25e20edf1
D-Link DCS Cameras suffer from authentication bypass and remote command execution vulnerabilities due to a remote information disclosure of the configuration.
c1329b50cb25791144375301f318deb9c2bb5c9ab4b24f003828a94666df0172
Apple Security Advisory 2013-01-28-2 - Apple TV 5.2 is now available and addresses multiple security vulnerabilities.
42bab3685b63ecaaa1a338a87d718948262788e299652246eee46d5030ba1a1e
Apple Security Advisory 2013-01-28-1 - iOS 6.1 Software Update is now available and addresses multiple security vulnerabilities.
2dc7367b3d4bb04f6b00e22c62f360fcdc9286ad438bff55476607b328ce0475
Cisco Security Advisory - The Portable Software Developer Kit (SDK) for Universal Plug-n-Play (UPnP) devices contains a libupnp library, originally known as the Intel SDK for UPnP Devices, which is vulnerable to multiple stack-based buffer overflows when handling malicious Simple Service Discovery Protocol (SSDP) requests.
8c9ec518f9576f7d3ec9cf9045faff6035b5098412a401f43bfbeeb4c0a728b0
360-FAAR Firewall Analysis Audit and Repair is an offline command-line Perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Check Point dbedit or ScreenOS commands.
f2f13eb92aabdf5dc35dc7bc6bf3c0871c6c250dddadca85516f3dcb5686d4da
Ubuntu Security Notice 1708-1 - Wenlong Huang discovered that libvirt incorrectly handled certain RPC calls. A remote attacker could exploit this and cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. Tingting Zheng discovered that libvirt incorrectly handled cleanup under certain error conditions. A remote attacker could exploit this and cause libvirt to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
382adae9f81677b0019c102b19cb2666bfdc504fe302ed2e7caa413ac0620235
Red Hat Security Advisory 2013-0203-01 - Ruby on Rails is a model–view–controller framework for web application development. Active Support provides support and utility classes used by the Ruby on Rails framework. A flaw was found in the way Active Support performed the parsing of JSON requests by translating them to YAML. A remote attacker could use this flaw to execute arbitrary code with the privileges of a Ruby on Rails application, perform SQL injection attacks, or bypass the authentication using a specially-created JSON request.
43034685c3bfb65bd941bf354202fb7dea7eb46bb501ac09245ba42666e4f087
Ubuntu Security Notice 1710-1 - Dan Prince discovered an issue in Glance error reporting. An authenticated attacker could exploit this to expose the Glance operator's Swift credentials for a misconfigured or otherwise unusable Swift endpoint.
a8a09ccaeac158a8d29c02bde4efb94e0ca13120c3c4459c94dc77cda6d548ad
Ubuntu Security Notice 1709-1 - Phil Day discovered that nova-volume did not validate access to volumes. An authenticated attacker could exploit this to bypass intended access controls and boot from arbitrary volumes.
5177923a98c6ac3d386d478932348341849cee8513897b5d2a3b5446af35bc08
DACS is a light-weight single sign-on and role-based access control system providing flexible, modular authentication methods and powerful, transparent rule-based authorization checking for Web services, CGI programs, or virtually any program.
476c0bcb54920e49b43f398e6fecd02c9109784718c8b1415b4c1c7c75561c71
A buffer overflow vulnerability exists in EMC AlphaStor that could potentially be exploited by a malicious user to create a denial of service condition or execute arbitrary code. EMC AlphaStor version 4.0 prior to build 814 is affected.
c72b06bd5f6d41e9b7fe14bee9a1a610ea2db6a5ca209ce7002b36f8b6c212ec
This is an encoding tool for 32-bit x86 shellcode that assists a researcher when dealing with character filter or byte restrictions in a buffer overflow vulnerability or some kind of IDS/IPS/AV blocking your code.
24cbd02dad424b5fd7d67f805453ad43602a5c6137991b63c1de00f94e0d7407
Elgg versions 1.8.12 and 1.7.16 suffer from a cross-site scripting vulnerability in the Twitter Widget module.
0320007144203c2cbfa4115016d3b9111ca9e9c639ff2e1bf920708cb685b296