SAPUI5 version 1.0.0 and the SAP Gateway versions 7.5, 7.51, 7.52 and 7.53are vulnerable to content spoofing in multiple parameters.

Open-Xchange OX App Suite suffers from a content spoofing, cross site scripting, and information disclosure vulnerabilities. Versions affected vary depending on the vulnerability.

Windows Defender Antivirus version 4.18.1908.7-0 suffers from a file extension spoofing vulnerability.

Gentoo Linux Security Advisory 202004-6 - A regression in GnuTLS breaks the security guarantees of the DTLS protocol. Versions less than 3.6.13 are affected.

A git clone action can leak cached / stored credentials for github.com to example.com due to insecure handling of newlines in the credential helper protocol.

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

PTP-RAT is a proof of concept that allows data theft via screen-share protocols. Each screen flash starts with a header. This contains a magic string, "PTP-RAT-CHUNK" followed by a sequence number. When the receiver is activated, it starts taking screenshots at twice the transmission frequency (the Nyquist rate). When it detects a valid header, it decodes the pixel colour information and waits on the next flash. As soon as a valid header is not detected, it reconstructs all the flashes and saves the result to a file. To transfer a file, you run an instance of the Rat locally on your hacktop, and set that up as a receiver. Another instance is run on the remote server and this acts as a sender. You simply click on send file, and select a file to send. The mouse pointer disappears and the screen begins to flash as the file is transmitted via the pixel colour values. At the end of the transfer, a file-save dialog appears on the receiver, and the file is saved.

Centreon version 19.10.5 suffers from a remote SQL injection vulnerability.

User Management System version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Complaint Management System version 4.2 suffers a remote SQL injection vulnerability that allows for authentication bypass.

Project Open CMS version 5.0.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

Open-AudIT version 3.2.2 suffers from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.

iJoomla AdAgency component version 6.0.9 suffers from a remote SQL injection vulnerability.

Online AgroCulture Farm Management System version 1.0 suffers from a remote SQL injection vulnerability.

School File Management System version 1.0 suffers from a remote SQL injection vulnerability.

Car Park Management System version 1.0 suffers a remote SQL injection vulnerability that allows for authentication bypass.

XBOX 360 Aurora version 0.6b default credential FTP bruteforcing script.

This is a simple perl script to perform dictionary attacks against the KeePass password manager.

Simple script to perform RC4 encryption / decryption.

This is a script to perform SSH/SSL RSA private key passphrase enumeration with a dictionary attack.

Script to perform basic XOR file encryption / decryption.