31246 matches found
Safari < 15 Multiple Vulnerabilities
Binary data 701367.pasl...
Microsoft OMI Service Detection
Binary data microsoftomiservicedetect.nbin...
Microsoft Open Management Infrastructure RCE (CVE-2021-38647)
Binary data omicve-2021-38647.nbin...
Finding 0-days with Jackalope
ARCHIVED STORY Finding 0-days with Jackalope By Douglas McKee · September 16, 2021 Overview On March 21st, 2021, the McAfee Enterprise Advanced Threat Research ATR team released several vulnerabilities it discovered in the Netop Vision Pro Education software, a popular schooling software used by...
Microsoft Open Management Infrastructure Detection (Unix / Linux)
Binary data microsoftominixinstalled.nbin...
Apple iOS < 14.8 Multiple Vulnerabilities (HT212807)
Binary data appleios148check.nbin...
Apache Tomcat < 10.0.4 Vulnerability
Binary data 701364.pasl...
Apache Tomcat < 8.5.64 Vulnerability
Binary data 701366.pasl...
Apache Tomcat < 9.0.44 Vulnerability
Binary data 701365.pasl...
Medium: gcc10-binutils
Issue Overview: An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfdgetlsigned32 in libbfd.c because shentsize is not validated in bfdelfslurpsecondaryrelocsection in elf.c. CVE-2020-354...
Peirates - Kubernetes Penetration Testing Tool
What is Peirates? Peirates, a Kubernetes penetration tool, enables an attacker to escalate privilege and pivot through a Kubernetes cluster. It automates known techniques to steal and collect service accounts, obtain further code execution, and gain control of the cluster. Where do I run Peirates...
Safari < 14.1.2 Vulnerability
Binary data 701363.pasl...
Google Chrome < 93.0.4577.82 Multiple Vulnerabilities
Binary data 701362.pasl...
Karta - Source Code Assisted Fast Binary Matching Plugin For IDA
"Karta" Russian for "Map" is an IDA Python plugin that identifies and matches open-sourced libraries in a given binary. The plugin uses a unique technique that enables it to support huge binaries 200,000 functions, with almost no impact on the overall performance. The matching algorithm is...
GHSA-5WJF-62HW-Q78R Excessive CPU usage
Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. Impact This can result in a DoS condition. Patches Pomerium versions 0.14.8 and 0.15.1 contain an upgraded...
Moving Forward After CentOS 8 EOL
The Linux community was caught unprepared when, in December 2020, as part of a change in the way Red Hat supports and develops CentOS, Red Hat suddenly announced that it's cutting the official CentOS 8 support window from ten years – to just two, with support ending Dec 31, 2021. It created a...
CVE-2021-39204
Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition. Pomerium versio...
CVE-2021-39206 Incorrect Authorization with specially crafted requests
Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, contains two authorization related vulnerabilities CVE-2021-32777 and CVE-2021-32779. This may lead to incorrect routing or authorization policy decisions. With specially crafted requests, incorrect...
ManageEngine ADManager Plus Detection
Binary data manageengineadmanagerplusdetect.nbin...
ManageEngine ADManager Plus < 7111 RCE
Binary data manageengineadmanagerplus7111rce.nbin...