11 matches found
CVE-2024-50356
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The password could be reset by anyone who has access to the mail inbox, circumventing the 2FA. Even though they wouldn't be able to log in by bypassing the 2FA. Onl...
EulerOS Virtualization 2.9.1 : selinux-policy (EulerOS-SA-2022-2366)
According to the versions of the selinux-policy packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the...
EulerOS Virtualization 2.9.0 : selinux-policy (EulerOS-SA-2022-2402)
According to the versions of the selinux-policy packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the...
Credit Card Fraud That Bypasses 2FA
Someone in the UK is stealing smartphones and credit cards from people who have stored them in gym lockers, and is using the two items in combination to commit fraud: Phones, of course, can be made inaccessible with the use of passwords and face or fingerprint unlocking. And bank cards can be...
EulerOS 2.0 SP10 : selinux-policy (EulerOS-SA-2022-2171)
According to the versions of the selinux-policy packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory ...
EulerOS 2.0 SP9 : selinux-policy (EulerOS-SA-2022-2012)
According to the versions of the selinux-policy packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory ...
EulerOS 2.0 SP9 : selinux-policy (EulerOS-SA-2022-1982)
According to the versions of the selinux-policy packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory ...
Vulnerability allowed bypassing 2FA in WHM & cPanel by bruteforcing
By Sudais Asif. The vulnerability CVE-2020-27641 allowed malicious actors to bypass two-factor authentication (2FA) on the software using brute-force attacks. This is a post from HackRead.com. Read the original post: Vulnerability allowed bypassing 2FA in WHM & cPanel by bruteforcing...
CVE-2020-24612
An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled. Consequently, when SELinux is in enforced mode, pam-u2f is not allowed to read the user's U2F configuration file. If configured with the nouserok...
Design/Logic Flaw
An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled. Consequently, when SELinux is in enforced mode, pam-u2f is not allowed to read the user's U2F configuration file. If configured with the nouserok...
h1-ctf: [H1-2006 2020] CTF Writeup
Summary: The CTF's objective could be found in the following Twitter post: F858468. As outlined on https://hackerone.com/h1-ctf, all subdomains of bountypay.h1ctf.com are in scope. Doing subdomain enumeration revealed the following subdomains: api.bountypay.h1ctf.com, app.bountypay.h1ctf.com...