Lucene search
K

306 matches found

Kitploit
Kitploit
added 2024/06/08 12:30 p.m.43 views

Sttr - Cross-Platform, Cli App To Perform Various Operations On String

sttr is command line software that allows you to quickly run various transformation operations on the string. // With input prompt sttr // Direct input sttr md5 "Hello World" // File input sttr md5 file.text sttr base64-encode image.jpg // Reading from different processor like cat, curl, printf...

7.4AI score
Exploits0References2
Rapid7 Blog
Rapid7 Blog
added 2024/04/01 5:13 p.m.73 views

Backdoored XZ Utils (CVE-2024-3094)

On Friday, March 29, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used command line tool XZ Utils liblzma. The backdoor, added by an...

7.5CVSS9.8AI score0.85974EPSS
Exploits40
GithubExploit
GithubExploit
added 2024/04/01 1:56 a.m.306 views

Exploit for Embedded Malicious Code in Tukaani Xz

Vulnerability Overview XZ is a data compression format that e...

10CVSS7.5AI score0.85974EPSS
Exploits40
Qualys Blog
Qualys Blog
added 2024/03/30 4:6 a.m.97 views

XZ Utils SSHd Backdoor

On March 29th, 2024, security researcher Andres Freund discovered a backdoor in XZ Utils versions 5.6.0 and 5.6.1. Under certain conditions, this backdoor may allow remote access to the targeted system. This disclosure was posted to the Openwall mailing list. The security researcher mentions that...

7.5CVSS9.9AI score0.85974EPSS
Exploits40
Kitploit
Kitploit
added 2023/10/27 8:2 p.m.49 views

Arsenal - Just A Quick Inventory And Launcher For Hacking Programs

Arsenal is just a quick inventory, reminder and launcher for pentest commands. This project written by pentesters for pentesters simplify the use of all the hard-to-remember commands In arsenal you can search for a command, select one and it's prefilled directly in your terminal. This functionali...

7.5AI score
Exploits0References4
OSV
OSV
added 2023/04/08 5:15 a.m.80 views

CVE-2023-24626

socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process...

6.5CVSS6.4AI score
Exploits0References4
OSV
OSV
added 2023/04/08 5:15 a.m.4 views

ALPINE-CVE-2023-24626

socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process...

6.5CVSS6.5AI score0.0054EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2023/04/08 12:0 a.m.76 views

CVE-2023-24626

socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process...

6.5CVSS6.1AI score0.0054EPSS
Exploits3
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.435 views

GNU screen 4.9.0 Privilege Escalation

Exploit Title: GNU screen v4.9.0 - Privilege Escalation Date: 03.02.2023 Exploit Author: Manuel Andreas Vendor Homepage: https://www.gnu.org/software/screen/ Software Link: https://ftp.gnu.org/gnu/screen/screen-4.9.0.tar.gz Version: 4.9.0 Tested on: Arch Linux CVE : CVE-2023-24626 import os impor...

6.5AI score0.0054EPSS
Exploits3
0day.today
0day.today
added 2023/04/05 12:0 a.m.298 views

GNU screen v4.9.0 - Privilege Escalation Exploit

Exploit Title: GNU screen v4.9.0 - Privilege Escalation Date: 03.02.2023 Exploit Author: Manuel Andreas Vendor Homepage: https://www.gnu.org/software/screen/ Software Link: https://ftp.gnu.org/gnu/screen/screen-4.9.0.tar.gz Version: 4.9.0 Tested on: Arch Linux CVE : CVE-2023-24626 import os impor...

6.5CVSS6.7AI score0.0054EPSS
Exploits3
Exploit DB
Exploit DB
added 2023/04/05 12:0 a.m.285 views

GNU screen v4.9.0 - Privilege Escalation

Exploit Title: GNU screen v4.9.0 - Privilege Escalation Date: 03.02.2023 Exploit Author: Manuel Andreas Vendor Homepage: https://www.gnu.org/software/screen/ Software Link: https://ftp.gnu.org/gnu/screen/screen-4.9.0.tar.gz Version: 4.9.0 Tested on: Arch Linux CVE : CVE-2023-24626 import os impor...

6.5CVSS7AI score0.0054EPSS
Exploits3
ArchLinux
ArchLinux
added 2022/10/14 12:0 a.m.60 views

[ASA-202210-2] linux: multiple issues

Arch Linux Security Advisory ASA-202210-2 ========================================= Severity: Critical Date : 2022-10-14 CVE-ID : CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 Package : linux Type : multiple issues Remote : Yes Link :...

8.8CVSS8.3AI score0.03763EPSS
Exploits5References19
CNVD
CNVD
added 2022/09/29 12:0 a.m.28 views

Aruba Networks ArubaOS and InstantOS Command Execution Vulnerabilities

ArubaOS is the network operating system for Aruba Mobility Controllers, Mobility Masters, and controller-managed Access Points APs.InstantOS is an Arch Linux-based distribution. A command execution vulnerability exists in Aruba Networks ArubaOS and InstantOS. The vulnerability stems from the...

7.8CVSS8.9AI score0.00771EPSS
Exploits0References1
CNVD
CNVD
added 2022/09/29 12:0 a.m.41 views

Aruba Networks ArubaOS and Instant PAPI Protocol Buffer Overflow Vulnerability

ArubaOS is the network operating system for Aruba Mobility Controllers, Mobility Masters, and controller-managed access points APs. instantOS is an Arch Linux-based distribution. aruba networks ArubaOS and Instant PAPI The Aruba Networks ArubaOS and Instant PAPI protocols are vulnerable to a buff...

9.8CVSS6.1AI score0.01349EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2022/07/29 12:0 a.m.53 views

[ASA-202207-4] webkit2gtk-4.1: multiple issues

Arch Linux Security Advisory ASA-202207-4 ========================================= Severity: Critical Date : 2022-07-29 CVE-ID : CVE-2022-32792 CVE-2022-32816 Package : webkit2gtk-4.1 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2791 Summary ======= The package...

1.3AI score0.06463EPSS
Exploits0References6
Kitploit
Kitploit
added 2022/06/23 12:30 p.m.136 views

WEF - Wi-Fi Exploitation Framework

A fully offensive framework to the 802.11 networks and protocols with different types of attacks for WPA and WEP, automated hash cracking, bluetooth hacking and much more. I recommend you my alfa adapter: Alfa AWUS036ACM , which works really great with both, 2.4 and 5 Ghz Tested and supported in...

7.1AI score
Exploits0References3
ArchLinux
ArchLinux
added 2022/05/16 12:0 a.m.57 views

[ASA-202205-1] python-httpx: access restriction bypass

Arch Linux Security Advisory ASA-202205-1 ========================================= Severity: Critical Date : 2022-05-16 CVE-ID : CVE-2021-41945 Package : python-httpx Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-2718 Summary ======= The package...

6.4CVSS0.3AI score0.02184EPSS
Exploits1References8
ArchLinux
ArchLinux
added 2022/05/16 12:0 a.m.45 views

[ASA-202205-3] thunderbird: multiple issues

Arch Linux Security Advisory ASA-202205-3 ========================================= Severity: High Date : 2022-05-16 CVE-ID : CVE-2022-1520 CVE-2022-29909 CVE-2022-29911 CVE-2022-29912 CVE-2022-29913 CVE-2022-29914 CVE-2022-29916 CVE-2022-29917 Package : thunderbird Type : multiple issues Remote ...

9.3AI score0.01005EPSS
Exploits3References31
ArchLinux
ArchLinux
added 2022/04/15 12:0 a.m.54 views

[ASA-202204-11] powerdns: denial of service

Arch Linux Security Advisory ASA-202204-11 ========================================== Severity: Low Date : 2022-04-15 CVE-ID : CVE-2022-27227 Package : powerdns Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2655 Summary ======= The package powerdns before version...

4.3CVSS1.8AI score0.04908EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2022/04/07 12:0 a.m.48 views

[ASA-202204-7] gzip: arbitrary command execution

Arch Linux Security Advisory ASA-202204-7 ========================================= Severity: High Date : 2022-04-07 CVE-ID : CVE-2022-1271 Package : gzip Type : arbitrary command execution Remote : No Link : https://security.archlinux.org/AVG-2666 Summary ======= The package gzip before version...

8.8CVSS9.4AI score0.04271EPSS
Exploits0References7
Rows per page
Query Builder