Treck IP stacks contain multiple vulnerabilities
Overview Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls them Ripple20. Description Treck IP network stack software is designed for and used in a variety of embedded systems. T...
microcode_ctl security, bug fix and enhancement update
4:20191115-4.20200602.2 - Avoid temporary file creation, used for here-documents in checkcaveats. 4:20191115-4.20200602.1 - Update Intel CPU microcode to microcode-20200602 release, addresses CVE-2020-0543, CVE-2020-0548, CVE-2020-0549 1827183: - Update of 06-2d-06/0x6d SNB-E/EN/EP C1/M0 microcod...
RHEL 8 : microcode_ctl (RHSA-2020:2431)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2431 advisory. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543 hw: L1D Cache Eviction Sampling CVE-2020-0549 hw: Vector...
h1-ctf: [H1-2006 2020] [CTF Writeup] A story about Bounty Payments, Collaboration & Community
H1-2006 CTF Writeup This is a story about both solving a CTF and, most importantly, on how to make friends during the journey and learn a lot of valuable things for the future. On a Friday evening I saw this tweet from HackerOne: F853545 Honestly, last CTF was really hard so I didn't really though...
Internet Bug Bounty: CVE-2020-9383 Floppy OOB read
A vulnerability was found in Linux Kernel up to 5.5.6 Operating System and classified as critical. Affected by this issue is the function set_fdc of the file drivers/block/floppy.c. The manipulation with an unknown input leads to a memory corruption vulnerability Out-of-Bounds. Using CWE to declar...
h1-ctf: [H1-2006 2020] 36 hours of brain cycles utilized on solving a neat puzzle
Here we go: F852423 Recon: The given scope is: .bountypay.h1ctf.com Found subdomains: bountypay.h1ctf.com api.bountypay.h1ctf.com app.bountypay.h1ctf.com software.bountypay.h1ctf.com staff.bountypay.h1ctf.com www.bountypay.h1ctf.com Relevant GitHub repository:...
Victor CMS 1.0 - 'add_user' Persistent Cross-Site Scripting
Exploit Title: Victor CMS 1.0 - 'add_user' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-05-23 Exploit Author: Nitya Nand Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: Linux C...
Kubernetes: Private RSA key and Server key exposed on the GitHub repository
Report Submission Form Summary: I was searching for sensitive data in Kubernetes repository where I found these private keys. These are private RSA key and private server key, which could be used for unauthorized access. Steps To Reproduce: VISIT THESE LINKS Repository : kubernetes / kubernetes...
Online Shopping System Advanced 1.0 SQL Injection
Exploit Title: Online shopping system advanced 1.0 - 'p' SQL Injection Exploit Author : Majid kalantari Date: 2020-04-26 Vendor Homepage : https://github.com/PuneethReddyHC/online-shopping-system-advanced Software link:...
Pinger 1.0 - Remote Code Execution Exploit
Exploit for php platform in category web applications Title: Pinger 1.0 - Remote Code Execution Author: Milad Karimi Vendor Homepage: https://github.com/wcchandler/pinger Software Link: https://github.com/wcchandler/pinger Tested on: windows 10 , firefox Version: 1.0 CVE : N/A...
CVE-2019-17564
creationtimestamp| type| source ---|---|--- 2020-04-02 02:28:19+00:00| seen| https://t.me/cibsecurity/10921 2021-08-02 20:29:04+00:00| published-proof-of-concept| Telegram/Tvd8QL4SENBdyhrOX8ClGh5gThmxL9slOp2aXg1VdaPgg 2023-11-24 22:14:24+00:00| seen| https://t.me/arpsyndicate/546 2023-12-18...
GHSA-G9RQ-X4FJ-F5HX Remote Code Execution Through Image Uploads in BookStack
Impact A user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. They would then have the permissions of the PHP process. This most impacts scenarios where non-trusted users are given permission to upload images in any area o...
RUSTSEC-2020-0010 tiberius is unmaintained
The author of tiberius has archived the GitHub repository and left the following note: I do not have the time to overhaul the library and do not intend to further maintain the 0.3 version relying on the old futures ecosystem. Suggested alternatives are: - odbc - sqlx forthcoming...
Go SSH servers 0.0.2 - Denial of Service (PoC)
Go SSH servers 0.0.2 - Denial of Service PoC Exploit Title: Go SSH servers 0.0.2 - Denial of Service PoC Author: Mark Adams Date: 2020-02-21 Link: https://github.com/mark-adams/exploits/blob/master/CVE-2020-9283/poc.py CVE: CVE-2020-9283 Running this script may crash the remote SSH server if it i...
WordPress Plugin Time Capsule 1.21.16 - Authentication Bypass
Exploit Title: Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Date: 2020-01-16 Exploit Author: B. Canavate Vendor Homepage: https://wptimecapsule.com/ Software Link: https://wptimecapsule.com/ Version: Wordpress Time Capsule Plugin 1.21.16 Tested on: LAMP stack with most recent...
Starbucks: China - Leaked credentials permitted a limited ability to create Starbucks coupons and cards
neweq discovered a Github repository exposing credentials with which they could obtain an access token. The access token permitted limited access to generate Starbucks coupons and cards. @neweq — thank you for reporting this vulnerability...
Rocket.Chat: API Keys Hardcoded in Github repository
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Summary: API Keys is ha...
Image Cache Poisoning
github.com/moby/moby is vulnerable to image cache poisoning. The vulnerability exists as the image layers were not globally unique, allowing for unintended images to be uploaded or downloaded...
macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()
macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event() The XNU function wait_for_namespace_event() in bsd/vfs/vfs_syscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fp_free(), which unconditionally fre...
Tracking CVE-2019-11043 PHP Vulnerability – An Uncommon Chain of Events
On October 22, security researcher Omar Ganiev published a tweet regarding a remote code execution vulnerability in PHP-FPM (the FastCGI Process Manager) running on the Nginx server. The tweet includes a link to a GitHub repository with an explanation of the vulnerability and a PoC (proof-of-concept) f...