Resource Exhaustion

bind9 is vulnerable to Resource Exhaustion. The vulnerability due to excessive CPU load on DNS message parsing code in named includes a section whose computational complexity is overly high. It leads to degraded performance, unresponsiveness, or denial of service, affecting the availability and...

Denial Of Service

Bind9 is vulnerable to denial of service. The vulnerability is due to asynchronous processes of named running as a recursive resolver component of BIND, when attempting to clean up its cache database which enables the list of queued cleanup events to grow infinitely large over time, allowing the...

Exploit for Out-of-bounds Write in Google Chrome

From: https://github.com/github/securitylab/tree/main/SecurityEx...

Saltstack Minion Payload Deployer Exploit

This Metasploit exploit module uses saltstack salt to deploy a payload and run it on all targets which have been selected default all. Currently only works against nix targets. This module requires Metasploit: https://metasploit.com/download Current source:...

Saltstack Minion Payload Deployer

This exploit module uses saltstack salt to deploy a payload and run it on all targets which have been selected default all. Currently only works against nix targets. Module Options msf use exploit/linux/local/saltstacksaltminiondeployer msf exploitsaltstacksaltminiondeployer show targets...

Ansible Agent Payload Deployer

This exploit module creates an ansible module for deployment to nodes in the network. It creates a new yaml playbook which copies our payload, chmods it, then runs it on all targets which have been selected default all. Module Options msf use exploit/linux/local/ansiblenodedeployer msf...

Rapid7’s Data-Centric Approach to AI in Belfast

Authored by Stuart Millar and Ryan Wilson. Rapid7 has expanded significantly in Belfast since establishing a presence back in 2014, resulting in the company's largest R&D hub outside the US with over 350 people spread across eight floors in our Chichester Street office. There is a wide range of...

Themebleed Windows 11 Themes Arbitrary Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Themebleed- Windows 11 Themes Arbitrary Code Execution CVE-2023-38146', 'Description' = %q When an unpatched Windows 11 host loads a theme file...

Recommended number of Cloud Connectors for Citrix Cloud deployment.

A guideline for deploying Cloud Connectors to ensure optimal performance and reliability of Citrix Cloud services...

CVE-2023-44113

Vulnerability of missing permission verification for APIs in the Designed for Reliability DFR module. Successful exploitation of this vulnerability may affect service confidentiality...

Security feature bypass

Vulnerability of missing permission verification for APIs in the Designed for Reliability DFR module. Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2023-44113

Vulnerability of missing permission verification for APIs in the Designed for Reliability DFR module. Successful exploitation of this vulnerability may affect service confidentiality...

PT-2023-29108 · Unknown · Designed For Reliability (Dfr) Module

Name of the Vulnerable Software and Affected Versions: Designed for Reliability DFR module affected versions not specified Description: The issue concerns a missing permission verification for APIs in the Designed for Reliability DFR module. Successful exploitation of this issue may affect servic...

WordPress Royal Elementor Addons Remote Code Execution Exploit

Exploit for the unauthenticated file upload vulnerability in WordPress Royal Elementor Addons and Templates plugin 'WordPress Royal Elementor Addons RCE', 'Description' = %q Exploit for the unauthenticated file upload vulnerability in WordPress Royal Elementor Addons and Templates plugin...

Measures Healthcare Providers Can Take to Mitigate Disruptions

Earlier this month, an internet outage affected public healthcare clusters in Singapore, including major hospitals and polyclinics, lasting more than seven hours from 9:20 am. Investigations identified that a distributed denial-of-service DDoS attack was the cause of the online service outage. DD...

GHSA-W98G-5FMX-WM4X pocketmine/raklib reliable-ordered queue size is unlimited, allowing a session to hog server memory

Impact A client can send reliable-ordered packets 0, 2, 3, 4, 5 ... etc, and all the packets 2 and up will stay in the reliable-ordered queue until 1 arrives. A malicious client can exploit this to waste all available server memory by simply never sending the missing packet. Since the server...

November 14, 2023-KB5032004 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2

November 14, 2023-KB5032004 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 Revised 11/15/23: to remove CVE details which were not affected by the .NET Framework November Security and Quality rollup. Release Date: November 14, 2023 Version:...

November 14, 2023-KB5032007 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2

November 14, 2023-KB5032007 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2 Revised July 7, 2025: Updated 'How to get this update' section. Revised 11/15/23: to remove CVE details which were not affected by the .NET Framework November...

OPENSUSE-SU-2023:0361-1 Security update for tor

This update for tor fixes the following issues: - tor 0.4.8.8: Mitigate an issue when Tor compiled with OpenSSL can crash during handshake with a remote relay. TROVE-2023-004, boo1216873 Regenerate fallback directories generated on November 03, 2023. Update the geoip files to match the IPFire...

Security update for tor (moderate)

openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2023:0361-1 Rating: moderate References: 1216873 Affected Products: openSUSE Backports SLE-15-SP4 openSUSE Backports SLE-15-SP5 An update that contains security fixes can now be installed. Description: This update for...