Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
c60429b4ba3214c9d967b27fa228d4cbc84df0d656e3a124c2fa77e09f5b564a
Ubuntu Security Notice 6230-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor.
03c3a5ddd6a4b155e3af1571ca65fc525e542099889b815c5e6a46606b3e77f1
Ubuntu Security Notice 6229-1 - It was discovered that LibTIFF was not properly handling variables used to perform memory management operations when processing an image through tiffcrop, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that LibTIFF was not properly processing numerical values when dealing with little-endian input data, which could lead to the execution of an invalid operation. An attacker could possibly use this issue to cause a denial of service
7565d507b8be80b66f20eeba0e180573b2f488b3fe5c0551094140faccf46892
BloodBank version 1.0 suffers from a cross site scripting vulnerability.
fd67eab24b5e998f81ae44d4b11a25fc8135daaca29b9efc7444d8785fb9fb0a
Blogator version 0.93 suffers from a cross site scripting vulnerability.
fc2c4529b4ae05583f86b48c3e05c1d11ceb7ecd9b0c065678a0ac1a2e5b971f
Bigware Shop version 2.3 suffers from a cross site scripting vulnerability.
69bcbc789870e6156455c333f8bd0e0fad1e3d51860e778057fddb9ee37b3828
Bazaar Social Listing Shopping Web PHP Template version 2.3.2 suffers from a cross site scripting vulnerability.
c6e4d11aa955cb2bed6d76defb35557734149c0312ced065d9b37014584f212f
OpenSSL Security Advisory 20230714 - The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence.
533eb47fbd60f88ad1ad3c18b56350b6804b9be10b8c81fe9a8f322433dad421