7379 matches found
CVE-2024-21697
This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has...
CVE-2024-21697
CVE-2024-21697 : The vulnerability affects Atlassian SourceTree for Mac (version 4.2.8) and Windows (version 3.4.19). It is a remote code execution (RCE) vulnerability that allows an unauthenticated attacker to execute arbitrary code with high impact to confidentiality, integrity, and availabilit...
Beyond Compliance: The Advantage of Year-Round Network Pen Testing
IT leaders know the drill—regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here's the thing: hackers don't wait around for compliance schedules. Most companies approach network penetration testing on a set schedule, with the most common...
Microsoft Security Update Validation Report November 2024
Microsoft’s November 2024 security updates have passed Citrix testing; the updates are listed below. The testing is not all-inclusive; all tests are executed against English-only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwa...
The vulnerability of the microprogrammed software of the PowerFlex 6000T inverter, related to insufficient testing of exceptional states, allows an intruder to trigger a maintenance failure.
The vulnerability of the microprogrammed software of the PowerFlex 6000T inverter is related to insufficient testing of exceptional states. Exploiting this vulnerability could allow an attacker to cause malfunctions in the device...
Exploit for Path Traversal in Aiohttp
LFI-aiohttp-CVE-2024-23334-PoC A Bash script to automate Loca...
CVE-2024-52524
Giskard is an evaluation and testing framework for AI systems. A Remote Code Execution ReDoS vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential...
CVE-2024-52524 ReDoS in Giskard Scan text perturbation
Giskard is an evaluation and testing framework for AI systems. A Remote Code Execution ReDoS vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential...
CVE-2024-52524
CVE-2024-52524 affects Giskard, an AI evaluation/testing framework. The issue is a Remote Code/Denial-of-Service risk due to catastrophic backtracking in a regex-based text processing path (Giskard detectors), leading to exponential evaluation times. Affected versions are prior to 2.15.5; remedia...
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
Usage: python3 cve-2022-42475.py rhost rport lhost lport Exempl...
5 BCDR Oversights That Leave You Exposed to Ransomware
Ransomware isn't just a buzzword; it's one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in sophistication, with new ransomware groups constantly emerging. Their attack methods are evolving...
[SECURITY] Fedora 40 Update: python3.6-3.6.15-38.fc40
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
Fedora 37 : python3.8 (2022-94bee848e6)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-94bee848e6 advisory. The release you're looking at is Python 3.8.15, a security bugfix release for the legacy 3.8 series...
Fedora 37 : mediawiki / php-oojs-oojs-ui / php-wikimedia-assert / etc (2022-ea159a2ec4)
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-ea159a2ec4 advisory. https://lists.wikimedia.org/hyperkitty/list/mediawiki- [email protected]/thread/DMQKMFSH4K7KLBXWZTDBGI2PWLLHJHJZ/...
Fedora 41 : chromium (2024-e109b67926)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e109b67926 advisory. update to 128.0.6613.119 High CVE-2024-8362: Use after free in WebAudio High CVE-2024-7970: Out of bounds write in V8 Tenable has extracted the...
Fedora 38 : capnproto / fastnetmon / librime / rr / sonic-visualiser (2022-ef11bad952)
The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-ef11bad952 advisory. Update capnproto to version 0.10.3 to address CVE-2022-46149. Dependent packages were rebuilt for both the fix for the security issue and the capnproto SONAM...
Fedora 37 : qemu (2022-920db25f88)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-920db25f88 advisory. Automatic update for qemu-6.2.0-5.fc37. Changelog Thu Feb 10 2022 Cole Robinson - 6.2.0-5 - Split out qemu-virtiofsd subpackage Wed Feb 9 2022 Eduar...
Your AppSec Journey Demystified: Driving Effective API Security with Wallarm and StackHawk
There is no doubt that attackers have shifted their attention to APIs. Wallarm’s API ThreatStats research identifies that 70% of attacks now target APIs instead of Web Applications. While APIs have become the backbone of innovation and connectivity for businesses, they have also introduced a vast...
DNA testing company vanishes along with its customers’ genetic data