684 matches found
Exploit for CVE-2024-34361
CVE-2024-34361 Pi-hole Remote Code Execution SSRF to RCE...
Practical Guidance For Securing Your Software Supply Chain
The heightened regulatory and legal pressure on software-producing organizations to secure their supply chains and ensure the integrity of their software should come as no surprise. In the last several years, the software supply chain has become an increasingly attractive target for attackers who...
CloudBrute - Awesome Cloud Enumerator
A tool to find a company's (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike. The complete writeup is available here. Motivation ...
CVE-2024-33619
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated. priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...
CVE-2024-33619 efi: libstub: only free priv.runtime_map when allocated
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated. priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...
CVE-2024-33619
The CVE-2024-33619 entry concerns a Linux kernel EFI handling bug in libstub: priv.runtime_map could be freed in an error path when it was never allocated (priv.runtime_map is only allocated if efi_novamap is not set; otherwise it is uninitialized). The fix is to free priv.runtime_map only when i...
Exploit for OS Command Injection in Php
CVE-2024-4577 PHP-CGI RCE Quick Detection Usage: ba...
Exploit for OS Command Injection in Php
CVE-2024-4577: PHP CGI Argument Injection XAMPP 💀 Featur...
Exploit for Unrestricted Upload of File with Dangerous Type in Git
CVE-2024-32002-Reverse-Shell This script demonstrates how to exploit...
Fedora 40 : stalld (2024-d198253c42)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-d198253c42 advisory. Address issues found in Static Application Security testing; fix a service startup issue; fix file open issue when kernel lockdown is in effect. Tenable has...
Empowering Small Businesses in the Digital Age: A Must-Read Guide to Web Application & API Security
Small and medium-sized businesses have become increasingly reliant on web applications, whether developed or procured, to drive their operations, engage customers, and scale their businesses. The increasing reliance on online operations is underscored by 84% of businesses using digital...
Pentera's 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation
Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half. And this, in a world where enterprises deploy an average of 53 different security solutions to safeguard their digital domain. Alarming? Absolutel...
Exploit for Improper Input Validation in Paloaltonetworks Pan-Os
CVE-2024-3400 RCE Test Script Overview This Python script...
Exploit for Command Injection in Telesquare Tlr-2005Ksh_Firmware
Telesquare TLR-2005KSHRCE CVE-2024-29269 Batch scan/exploit...
Exploit for CVE-2024-28255
OpenMetadataRCE CVE-2024-28255 Batch scan/exploit 1. This tool...
Exploit for CVE-2024-28247
CVE-2024-28247 Pi-hole Arbitrary File Read Description Thi...
Exploit for OS Command Injection in Progress Loadmaster
CVE-2024-1212 Command Injection Exploit for Kemp LoadMaster 🛡️...