GHSA-75P6-52G3-RQC8 Keycloak vulnerable to privilege escalation on Token Exchange feature

A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the clientid of the target. This could allow a client to gain unauthorized access to...

AWS-Loot - Pull Secrets From An AWS Environment

Searches an AWS environment looking for secrets, by enumerating environment variables and source code. This tool allows quick enumeration over large sets of AWS instances and services. Install pip install -r requirements.txt An AWS credential file .aws/credentials is required for authentication t...

The vulnerability of the Qualcomm Multimode Core Protocol (MMCP) in the Android operating system allows a hacker to trigger buffer overflows.

The vulnerability of the Qualcomm Multimode Core Protocol MMCP in the Android operating system arises due to buffer overflows during the processing of messages from additional services. Exploiting this vulnerability can allow a malicious actor to trigger buffer overflows remotely...