Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument

Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. Details Raw...

[SECURITY] Fedora 44 Update: netatalk-4.4.3-1.fc44

Netatalk is a freely-available Open Source AFP file server. A NIX/BSD system running Netatalk is capable of serving many Macintosh clients simultaneously as an AppleShare file server AFP. In addition to the AFP file server daemon, the following utility programs are also included: ad - AppleDouble...

ANT-2026-H97FY6C8 · freerdp · Heap-buffer-overflow

heap-buffer-overflow high GHSA-mpxh-8fq3-x8mh GHSA-mvpx-xj7r-3p3r GHSA-p6r2-4hgm-m6ff Severity Claude critical · Security research firm high · Maintainer unknown Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Trai...

OS Identification : Apple AirPlay

This script attempts to identify the operating system type and version by looking at the capabilities of the remote Apple AirPlay server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid127857; scriptversion"1.3"; scriptcvsdate"Date: 2020/01/22"; scriptnameenglish:"OS...

xmpp-info NSE Script

Connects to XMPP server port 5222 and collects server information such as: supported auth mechanisms, compression methods, whether TLS is supported and mandatory, stream management, language, support of In-Band registration, server capabilities. If possible, studies server vendor. Script Argument...