FalconHound - A Blue Team Multi-Tool. It Allows You To Utilize And Enhance The Power Of Blo odHound In A More Automated Fashion

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool. One of the challenging aspects of BloodHound is that it is a snapshot in time...

CVE-2024-22406 Blind SQL-injection in DAL aggregations in Shopware

Shopware is an open headless commerce platform. The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations...

PT-2024-19396 · Shopware · Shopware

Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 6.5.7.4 Shopware versions 6.1, 6.2, 6.3, and 6.4 Description: The Shopware application API contains a search functionality that enables users to search through information stored within their Shopware instance. The...

Douglas-042 - Powershell Script To Help Speed ​​Up Threat Hunting Incident Response Processes

DOUGLAS-042 stands as an ingenious embodiment of a PowerShell script meticulously designed to expedite the triage process and facilitate the meticulous collection of crucial evidence derived from both forensic artifacts and the ephemeral landscape of volatile data. Its fundamental mission revolve...

kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead

An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: wifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO

A NULL pointer dereference vulnerability was found in the Intel iwlwifi wireless driver in the Linux kernel. When using Multi-Link Operation MLO mode, the iwlmvmmaxamsdusize function incorrectly accesses vif-bssconf.chandef.chan-band, which leads to a NULL pointer dereference because bssconf is n...

PT-2023-9502 · Cisco · Cisco Ios Xe +2

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software versions 17.12.1 through 17.12.1a Description: The issue is related to improper management of resources during fragment reassembly in the IPv4 fragmentation reassembly code, which could allow an unauthenticated, remote...

Qualys Is the Outperformer in the New GigaOm Radar Report for Continuous Vulnerability Management

GigaOm has unveiled its third-annual Radar for Continuous Vulnerability Management featuring Qualys. In this Report, GigaOm provides a detailed analysis of the value and progression of vulnerability management VM capabilities to help organizations build the best security and vulnerability...

Enhancing Security Operations Using Wazuh: Open Source XDR and SIEM

In today's interconnected world, evolving security solutions to meet growing demand is more critical than ever. Collaboration across multiple solutions for intelligence gathering and information sharing is indispensable. The idea of multiple-source intelligence gathering stems from the concept th...

the check in checkExpectedBalances only allows 2% slippage, which could be insufficient in volatile markets and lock user funds.

Lines of code Vulnerability details Impact This would cause the check to fail and revert the transaction, locking the user's funds Proof of Concept In volatile markets, the price could move more than 2% between when the user sends the transactions and when it gets mined. This would cause the chec...

Juniper Networks Junos OS MX 安全漏洞

Juniper Networks Junos OS MX is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS MX that originates from allowing an attacker...

Strava heatmap loophole may reveal users' home addresses

Researchers at NC State University have outlined potential privacy issues with popular fitness app Strava which could lead to users' homes being pinpointed. The researchers' findings are detailed in a paper called Heat marks the spot: de-anonymising users' geographical data on the Strava heat map...

kernel: net/mlx5: E-Switch, pair only capable devices

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5getnextphysdev was called without holding th...

PT-2025-38197

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's net/mlx5 component related to the handling of E-switch pairing during uplink un/load APIs. Specifically, when transitioning a device from switchdev mo...

Cisco IOS XR 安全漏洞

Cisco IOS XR is an operating system developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR, which stems from a security issue in GRand Unified Bootloader GRUB, which can be exploited by an attacker to view sensitive files on the console using the GRUB bootload...

SUSE CVE-2020-12693

Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user...

CVE-2022-22223

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...

Input validation

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...

CVE-2022-22223 Junos OS: QFX10000 Series: In IP/MPLS PHP node scenarios upon receipt of certain crafted packets multiple interfaces in LAG configurations may detach.

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...

SAP Customer Data Cloud Encryption Issue Vulnerability

SAP Customer Data Cloud is a tool from SAP Germany that provides digital customer identity and access management. It enables companies to collect, aggregate and manage customer data across multiple touch points and applications. An encryption issue vulnerability exists in SAP Customer Data Cloud...