
31243 matches found

Prion
added 2023/02/13 7:15 p.m. · 13 views

Code injection

Redpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality in the rpk binary logs an AWS Access Key ID and Secret in cleartext to standard output, allowing a local user to view the key in the console, or in Kubernetes logs if stdout output is collected. The fixed versio...

1.7 CVSS · 5.3 AI score · 0.00266 EPSS
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2023/02/13 12:0 a.m. · 16 views

CVE-2023-24619

Redpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality in the rpk binary logs an AWS Access Key ID and Secret in cleartext to standard output, allowing a local user to view the key in the console, or in Kubernetes logs if stdout output is collected. The fixed versio...

5.6 AI score · 0.00266 EPSS
Exploits 1 · References 1

Vulnrichment
added 2023/02/13 12:0 a.m. · 4 views

CVE-2023-24619

Redpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality in the rpk binary logs an AWS Access Key ID and Secret in cleartext to standard output, allowing a local user to view the key in the console, or in Kubernetes logs if stdout output is collected. The fixed versio...

5.4 AI score · 0.00266 EPSS
Exploits 1 · References 1

Positive Technologies
added 2023/02/11 12:0 a.m. · 4 views

PT-2023-7624 · Tenda · Tenda Ac23

Name of the Vulnerable Software and Affected Versions: Tenda AC23 version 16.03.07.45 Description: The issue is related to a stack-based buffer overflow in the formSetSysToolDDNS/formGetSysToolDDNS function of the /bin/httpd file. This can be exploited by a remote attacker to cause a denial of...

10 CVSS · 7.3 AI score · 0.01473 EPSS
Exploits 1 · References 7

Tenable Nessus
added 2023/02/09 12:0 a.m. · 11 views

EyesOfNetwork Installed (Linux)

Binary data eyesofnetworkinstalled.nbin...

7.3 AI score
Exploits 0 · References 1

Tenable Nessus
added 2023/02/09 12:0 a.m. · 15 views

Atlassian Bitbucket Public Repo Enumeration

Binary data bitbucketpublicrepoenumeration.nbin...

7.3 AI score
Exploits 0 · References 1

Tenable Nessus
added 2023/02/09 12:0 a.m. · 48 views

Atlassian Bitbucket RCE (CVE-2022-36804)

Binary data bitbucketcve-2022-36804.nbin...

8.8 CVSS · 9 AI score · 0.99174 EPSS
Exploits 24 · References 2

RedhatCVE
added 2023/02/07 12:57 p.m. · 43 views

CVE-2022-37705

A flaw was found in Amanda. The runtar SUID binary executes /usr/bin/tar as root without properly validating its arguments, possibly leading to escalation of privileges from the regular user "amandabackup" to root...

6.7 CVSS · 6.6 AI score · 0.01246 EPSS
Exploits 2 · References 4

Prion
added 2023/02/07 1:15 a.m. · 14 views

Design/Logic Flaw

PDFio is a C library for reading and writing PDF files. In versions prior to 1.1.0 a denial of service (DoS) vulnerability exists in the pdfio parser. Crafted PDF files can cause the program to run at 100% utilization and never terminate. The pdf which causes this crash found in testing is about 28...

4.3 CVSS · 4.8 AI score · 0.00719 EPSS
Exploits 1 · References 2 · Affected Software 1

Tenable Nessus
added 2023/02/07 12:0 a.m. · 23 views

Citrix Storefront Installed (Windows)

Binary data citrixstorefrontwininstalled.nbin...

7.3 AI score
Exploits 0 · References 1

Tenable Nessus
added 2023/02/07 12:0 a.m. · 20 views

SQLite Detection (Windows)

Binary data sqlitewininstalled.nbin...

7.3 AI score
Exploits 0 · References 1

BDU FSTEC
added 2023/02/06 12:0 a.m. · 6 views

The vulnerability of the UPGCGI_CheckAuth() function in D-Link’s wireless access points DAP-2020 and DAP-1360 allows a hacker to execute arbitrary code.

The vulnerability of the UPGCGI_CheckAuth() function in D-Link’s wireless access points DAP-2020 and DAP-1360 is related to numerical truncation errors during the processing of the binary file webupg. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.8 CVSS · 5.9 AI score
Exploits 0 · References 2 · Affected Software 2

Fedora
added 2023/02/05 1:56 a.m. · 16 views

[SECURITY] Fedora 36 Update: binwalk-2.3.3-3.fc36

Binwalk is a tool for searching a given binary image for embedded files and executable code. Specifically, it is designed for identifying files and code embedded inside of firmware images. Binwalk uses the python-magic library, so it is compatible with magic signatures created for the Unix file...

7.8 CVSS · 7.7 AI score · 0.21845 EPSS
Exploits 8

Tenable Nessus
added 2023/02/03 12:0 a.m. · 11 views

Sysmon for Linux Installed

Binary data sysmonnixinstalled.nbin...

7.3 AI score
Exploits 0 · References 1

Code423n4
added 2023/02/03 12:0 a.m. · 12 views

setDrips may distribute the drip too fast if the time hints are not good enough

Lines of code Vulnerability details Impact The setDrips function is used to configure a drip. It can either be withdrawing it, adding a new one, or even managing an existing one by updating the configuration. Internally, it accounts for the drips that are yet to be distributed to refund them to th...

6.7 AI score
Exploits 0

Vulnrichment
added 2023/02/03 12:0 a.m. · 8 views

CVE-2023-24613

The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend...

7 AI score · 0.00787 EPSS
Exploits 0 · References 1

Redos
added 2023/02/03 12:0 a.m. · 37 views

ROS-20230203-03

A vulnerability in the GNU Binary Utilities binutils object code manipulation toolkit is related to a memory access error. Exploitation of the vulnerability could allow an attacker acting remotely to analyze an ELF file containing corrupted information...

5.5 CVSS · 6.1 AI score · 0.00437 EPSS
Exploits 1

CNNVD
added 2023/02/02 12:0 a.m. · 12 views

Cisco Small Business RV340 Code Issue Vulnerability

The RV340, RV340W, RV345, and RV345P are all small business VPN routers from Cisco. A binary vulnerability exists in several Cisco products, which can be exploited by an attacker to upload files for overwrite operations...

9.8 CVSS · 6.9 AI score · 0.88874 EPSS
Exploits 0 · References 3

Kitploit
added 2023/02/01 11:30 a.m. · 34 views

Monomorph - MD5-Monomorphic Shellcode Packer - All Payloads Have The Same MD5 Hash

By Retr0id. MD5-Monomorphic Shellcode Packer. USAGE: python3 monomorph.py inputfile outputfile payloadfile What does it do? It...

7.4 AI score
Exploits 0 · References 5

Packet Storm
added 2023/02/01 12:0 a.m. · 368 views

io_uring Same Type Object Reuse Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'io_uring Same Type Object Reuse Priv Esc', 'Description' = %q This module exploits a bug in io_uring leading to an additional put_cred that can be...

8.8 CVSS · 0.5 AI score · 0.03716 EPSS
Exploits 4