8 matches found
PT-2025-31879
Name of the Vulnerable Software and Affected Versions Android versions prior to security patch level 2025-08-05 Android 16 versions prior to the August 2025 update Pixel 3a, S10, and OnePlus 7 affected versions not specified Description A critical remote code execution RCE flaw exists in the...
Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware
Google has announced that it's adding a new layer of protection to its Chrome browser through what's called app-bound encryption to prevent information-stealing malware from grabbing cookies on Windows systems. "On Windows, Chrome uses the Data Protection API DPAPI which protects the data at rest...
Attack Surface Management vs. Vulnerability Management
Attack surface management ASM and vulnerability management VM are often confused, and while they overlap, they're not the same. The main difference between attack surface management and vulnerability management is in their scope: vulnerability management checks a list of known assets, while attac...
Remote code execution
Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server. Discord-Recon is vulnerable to remote code execution. An attacker is able to execute shell commands in the server without having an admin role. This vulnerability h...
CVE-2024-21663 Remote code execution on ReconServer due to improper input sanitization on the prips command
Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server. Discord-Recon is vulnerable to remote code execution. An attacker is able to execute shell commands in the server without having an admin role. This vulnerability h...
Sn1per v5.0 - Automated Pentest Recon Scanner
Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage...
Attackers Using Automated Scans to Takeover WordPress Installs
Attackers have been setting their sights on freshly installed WordPress deployments, taking advantage of users who fail to follow through when it comes to configuring their server’s settings. Researchers at the WordPress security plugin WordFence said Tuesday they observed a significant spike in...
Raptor - Web-based Source Code Vulnerability Scanner
Raptor is a web-based web-serivce + UI github centric source-vulnerability scanner i.e. it scans a repository with just the github repo url. You can setup webhooks to ensure automated scans every-time you commit or merge a pull request. The scan is done asynchonously and the results are available...