WordPress Dosimple theme version 2.0 suffers from a cross site scripting vulnerability.

Gentoo Linux Security Advisory 202003-59 - Multiple vulnerabilities have been found in libvpx, the worst of which could result in the execution of arbitrary code. Versions less than 1.8.1 are affected.

Gentoo Linux Security Advisory 202003-60 - Multiple vulnerabilities have been found in QtCore, the worst of which could result in the execution of arbitrary code. Versions less than 5.13.2-r2 are affected.

Gentoo Linux Security Advisory 202003-61 - A vulnerability in Adobe Flash Player might allow remote attackers to execute arbitrary code. Versions less than 32.0.0.330 are affected.

Gentoo Linux Security Advisory 202003-62 - A buffer overflow in GNU Screen might allow remote attackers to corrupt memory. Versions less than 4.8.0 are affected.

Gentoo Linux Security Advisory 202003-63 - Multiple vulnerabilities have been found in GNU IDN Library 2, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.2.0 are affected.

Gentoo Linux Security Advisory 202003-64 - Multiple vulnerabilities have been found in libxls, the worst of which could result in the arbitrary execution of code. Versions less than 1.5.2 are affected.

Gentoo Linux Security Advisory 202003-65 - Multiple vulnerabilities have been found in FFmpeg, the worst of which allows remote attackers to execute arbitrary code. Versions greater than or equal to 4 are affected.

Gentoo Linux Security Advisory 202003-66 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 4.2.0-r2 are affected.

Gentoo Linux Security Advisory 202004-1 - A vulnerability in HAProxy might lead to remote execution of arbitrary code. Versions less than 2.0.10 are affected.

Gentoo Linux Security Advisory 202004-2 - Multiple vulnerabilities have been found in VirtualBox, the worst of which could allow an attacker to take control of VirtualBox. Versions prior to 6.1.2 are affected.

Gentoo Linux Security Advisory 202004-3 - Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which could result in the execution of arbitrary code. Versions prior to 9.28_rc4 are affected.

Gentoo Linux Security Advisory 202004-4 - A heap use-after-free flaw in Qt WebEngine at worst might allow an attacker to execute arbitrary code. Versions less than 5.14.1 are affected.

Gentoo Linux Security Advisory 202004-5 - Multiple vulnerabilities have been found in ledger, the worst of which could result in the arbitrary execution of code. Versions less than 3.1.2 are affected.

Gentoo Linux Security Advisory 202004-7 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 74.0.1 are affected.

Gentoo Linux Security Advisory 202004-8 - A vulnerability in libssh could allow a remote attacker to cause a Denial of Service condition. Versions less than 0.9.4 are affected.

Gentoo Linux Security Advisory 202004-9 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 81.0.4044.92 are affected.

Gentoo Linux Security Advisory 202004-10 - Multiple vulnerabilities were found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.1.1g are affected.

Gentoo Linux Security Advisory 202004-11 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 68.7.0 are affected.

Gentoo Linux Security Advisory 202004-12 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 81.0.4044.122 are affected.

Gentoo Linux Security Advisory 202004-13 - Multiple vulnerabilities have been found in Git which might all allow attackers to access sensitive information. Versions less than 2.26.2 are affected.

netkit-telnet version 0.17 telnetd on Fedora 31 BraveStarr remote code execution exploit.

Red Hat Security Advisory 2020-1937-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2020-1940-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2020-1939-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Red Hat Security Advisory 2020-1942-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Red Hat Security Advisory 2020-1938-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Red Hat Security Advisory 2020-2014-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.

This is the sixteenth issue of POC || GTFO.

Digital Whisper Electronic Magazine issue 90. Written in Hebrew.

This is the seventeenth issue of POC || GTFO.

Digital Whisper Electronic Magazine issue 100. Written in Hebrew.

Digital Whisper Electronic Magazine issue 101. Written in Hebrew.

Digital Whisper Electronic Magazine issue 102. Written in Hebrew.

Digital Whisper Electronic Magazine issue 103. Written in Hebrew.

Digital Whisper Electronic Magazine issue 105. Written in Hebrew.

Digital Whisper Electronic Magazine issue 106. Written in Hebrew.

Digital Whisper Electronic Magazine issue 107. Written in Hebrew.

Digital Whisper Electronic Magazine issue 104. Written in Hebrew.

Linux/x86 TCP reverse shell 127.0.0.1 nullbyte free shellcode.

53 bytes small Linux/x86 bind TCP port 43690 null-free shellcode.

This exploit uses the Cable Haunt vulnerability to open a shell for the Sagemcom F@ST 3890 (50_10_19-T1) cable modem. The exploit serves a website that sends a malicious websocket request to the cable modem. The request will overflow a return address in the spectrum analyzer of the cable modem and using a rop chain start listening for a tcp connection on port 1337. The server will then send a payload over this tcp connection and the modem will start executing the payload. The payload will listen for commands to be run in the eCos shell on the cable modem and redirect STDOUT to the tcp connection.

CHIYU BF430 TCP IP Converter suffers from a persistent cross site scripting vulnerability.

Red Hat Security Advisory 2020-1000-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. A heap-based overflow was addressed.

Red Hat Security Advisory 2020-1289-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2020-1290-01 - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2020-1288-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2020-1702-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.