Lucene search

5315 matches found

Citrix
added 2023/07/07 12:0 a.m. · 6 views

Driver Disk for Intel i40e 2.22.20 - For Citrix Hypervisor 8.2 LTSR

Who should install this driver disk? Note: This driver disk is superseded by a more recent build of i40e 2.22.20. The latest version is available at https://support.citrix.com/article/CTX677875/driver-disk-for-intel-i40e-222205-for-citrix-hypervisor-82-ltsr Customers running the Citrix Hypervisor...

AI score 7
Exploits: 0

The Hacker News
added 2023/07/03 9:38 a.m. · 42 views

Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets

In yet another sign of a lucrative crimeware-as-a-service CaaS ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called Meduza Stealer that's actively being developed by its author to evade detection by software solutions. "The Meduza Stealer has a...

CVSS 9.8 · AI score 8.9 · EPSS 0.9212
Exploits: 9

Exploit DB
added 2023/07/03 12:0 a.m. · 186 views

Sales of Cashier Goods v1.0 - Cross Site Scripting (XSS)

Exploit Title: Sales of Cashier Goods v1.0 - Cross Site Scripting XSS Date: 2023-06-23 country: Iran Exploit Author: Amirhossein Bahramizadeh Category : webapps Dork : /print.php?nmmember= Vendor Homepage:...

CVSS 6.1 · AI score 6.3 · EPSS 0.09444
Exploits: 4

Vulnrichment
added 2023/06/23 12:0 a.m. · 7 views

CVE-2023-36192

Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capturewscheckpacket at /src/capture.c...

AI score 8.1 · EPSS 0.00053
Exploits: 1 · References: 1

Huntr
added 2023/06/22 10:11 p.m. · 30 views

Secret information exfiltration by hard coding twitter API keys

Description Secret information used for API calls was embedded in the microweber source code. PoC It's hardcoded in the source code below. - https://github.com/microweber/microweber/blob/master/userfiles/modules/twitterfeed/functions.php php $oauthaccesstoken =...

CVSS 5 · AI score 7.2 · EPSS 0.0033
Exploits: 0 · References: 3

The Hacker News
added 2023/06/21 5:36 a.m. · 60 views

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks

A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 AX1800 Wi-Fi routers to rope the devices into a distributed denial-of-service DDoS botnet. Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work ...

CVSS 8.8 · AI score 10 · EPSS 0.93234
Exploits: 7

GithubExploit
added 2023/06/20 1:13 a.m. · 809 views

Exploit for Out-of-bounds Write in Readymedia_Project Readymedia

CVE-2023-33476 ReadyMedia MiniDLNA versions from 1.1.15 u...

CVSS 9.8 · AI score 9.5 · EPSS 0.00726
Exploits: 2

Tenable Nessus
added 2023/06/13 12:0 a.m. · 21 views

EulerOS Virtualization 3.0.6.0 : binutils (EulerOS-SA-2023-2207)

According to the versions of the binutils packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Assertion fail in the displaydebugnames function in binutils/dwarf.c may lead to program crash and denial of service.CVE-2022-381...

CVSS 8.3 · AI score 7 · EPSS 0.24988
Exploits: 4 · References: 3

Tenable Nessus
added 2023/06/13 12:0 a.m. · 25 views

EulerOS Virtualization 3.0.6.0 : emacs (EulerOS-SA-2023-2237)

According to the versions of the emacs packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...

CVSS 7.8 · AI score 7.5 · EPSS 0.00051
Exploits: 0 · References: 2

OSV
added 2023/06/09 12:0 a.m. · 5 views

MAL-2023-260 Malicious code in discount-pwa (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b62bcefcaea2db2548388a227a4b29129aec31ac8138d04b9763fbd8e5bb54ac Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

AI score 7.2
Exploits: 0 · References: 2

ATTACKERKB
added 2023/06/06 8:15 p.m. · 2 views

CVE-2023-33477

In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path...

CVSS 6.5 · AI score 5.8 · EPSS 0.0099
Exploits: 0 · References: 2

NVD
added 2023/06/06 8:15 p.m. · 9 views

CVE-2023-33477

In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path...

CVSS 6.5 · AI score 6.5 · EPSS 0.0099
Exploits: 0 · References: 1

Prion
added 2023/06/06 8:15 p.m. · 10 views

Path traversal

In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path...

CVSS 4 · AI score 6.5 · EPSS 0.0099
Exploits: 0 · References: 1

Cvelist
added 2023/06/06 12:0 a.m. · 15 views

CVE-2023-33477

In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path...

AI score 6.8 · EPSS 0.0099
Exploits: 0 · References: 1

Vulnrichment
added 2023/06/06 12:0 a.m. · 9 views

CVE-2023-33477

In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path...

AI score 7.1 · EPSS 0.0099
Exploits: 0 · References: 1

Positive Technologies
added 2023/06/06 12:0 a.m. · 3 views

PT-2023-24352 · Harmonic · Harmonic Nsg 9000-6G

Name of the Vulnerable Software and Affected Versions: Harmonic NSG 9000-6G devices affected versions not specified Description: The issue allows an authenticated remote user to obtain source code by directly requesting a special path. Recommendations: At the moment, there is no information about...

CVSS 6.5 · AI score 7 · EPSS 0.0099
Exploits: 0 · References: 4

CVE
added 2023/06/06 12:0 a.m. · 44 views

CVE-2023-33477

Summary: CVE-2023-33477 concerns Harmonic NSG 9000-6G devices, where an authenticated remote user can obtain source code by directly requesting a crafted path. Multiple connected sources label the issue as a path traversal vulnerability, but the technical details are inconsistent across entries a...

CVSS 6.5 · AI score 6.5 · EPSS 0.0099
Exploits: 0 · References: 1 · Affected Software: 1

Oracle linux
added 2023/06/06 12:0 a.m. · 18 views

cups-filters security update

1.20.0-29.0.1 - header/footer not being printed in banner page. Orabug: 28265099 [email protected] - Fixes Orabug: 29163824 source indentation not following convention [email protected] 1.20.0-29.2 - CVE-2023-24805 cups-filters: remote code execution in cups-filters, beh CUPS backend...

CVSS 8.8 · AI score 8 · EPSS 0.09296
Exploits: 1

0day.today
added 2023/05/31 12:0 a.m. · 273 views

Faculty Evaluation System 1.0 - Unauthenticated File Upload Exploit

Exploit Title: Faculty Evaluation System 1.0 - Unauthenticated File Upload Author: Alex Gan Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...

CVSS 7.2 · AI score 7.1 · EPSS 0.90444
Exploits: 4

Exploit DB
added 2023/05/31 12:0 a.m. · 331 views

Faculty Evaluation System 1.0 - Unauthenticated File Upload

Exploit Title: Faculty Evaluation System 1.0 - Unauthenticated File Upload Date: 5/29/2023 Author: Alex Gan Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...

CVSS 7.2 · AI score 7 · EPSS 0.90444
Exploits: 4