Exploit for Race Condition in Openbsd Openssh
OpenSSH CVE-2024-6387 Vulnerability Checker This Python script c...
Exploit for Race Condition in Openbsd Openssh
cve-2024-6387-poc a signal handler race condition in OpenSSH...
OpenSSH Remote Code Execution Vulnerability (CNVD-2024-29805)
OpenSSH is a suite of secure network utilities based on the Secure Shell (SSH) protocol that provides encryption to ensure privacy and secure file transfers, making it a must-have for remote server administration and secure data communication. The OpenSSH remote code execution vulnerability can be...
DEBIAN-CVE-2024-38531
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assu...
Binary Vulnerability in OpenPrinting libcups
OpenPrinting is the open source printing system common on Red Hat, SUSE, Debian, Ubuntu and all other Linux systems, POSIX-style operating systems and macOS. A binary vulnerability in OpenPrinting libcups can be exploited by attackers to cause a denial-of-service attack...
Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks
A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJI that's written ...
Fedora: Security Advisory for qt5-qtx11extras (FEDORA-2024-2e27372d4c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: rust-speakersafetyd-0.1.9-3.fc39
Speaker protection daemon for embedded Linux systems...
SUSE CVE-2024-33899
RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences...
Fedora: Security Advisory for rust-speakersafetyd (FEDORA-2024-ce2936b568)
The remote host is missing an update for the...
Mirth Connect deserialization vulnerability
Added: 05/23/2024. Background: Mirth Connect is an application which translates message standards for healthcare systems. Problem: A deserialization vulnerability in Mirth Connect allows remote attackers to execute arbitrary commands by sending a specially crafted API request. Resolution: Upgrade to...
Google gVisor Security Vulnerability
Google gVisor is a user-space kernel written in the Go language for use in Linux systems. A security vulnerability exists in Google gVisor. An attacker exploited the vulnerability to cause a denial of service on the system...
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 Checker The CVE-2024-3094 Checker is a powerful...
GHSA-CFF3-5QRP-HQX7 Apache Airflow Improper Preservation of Permissions vulnerability
Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...
Russian Hackers May Have Targeted Ukrainian Telecoms with Upgraded 'AcidPour' Malware
The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne show. The cybersecurity firm also confirmed connections between the malware and AcidRain, tying it to threat activity clusters associated with Russi...
PT-2024-2008 · Pgadmin +2
Name of the Vulnerable Software and Affected Versions: pgAdmin versions prior to 8.4 Description: The issue is related to a path-traversal vulnerability in the session handling code of pgAdmin, which can lead to unsafe deserialization and remote code execution. This vulnerability can be exploited...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
CVE-2021-4034 Polkit PoC What is Polkit? Policy...
Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies
Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the...
Security Bulletin: A vulnerability in Apache ActiveMQ affects IBM Operations Analytics Predictive Insights
Summary: IBM Operations Analytics Predictive Insights uses Apache ActiveMQ software as a core module in processing analytics data. The vulnerability CVE-2023-46604 found in Apache ActiveMQ could be exploited to download and infect Linux systems with the Kinsing malware. This bulletin identifies t...
PT-2023-7577
Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O versions 5.2 through 5.60.47; Acer, HP, Fujitsu, and Lenovo devices (affected versions not specified). Description: A LogoFAIL issue exists in the BmpDecoderDxe component of Insyde InsydeH2O UEFI firmware. This flaw stems from an...