984 matches found
Security update for go1.16 (moderate)
openSUSE Security Update: Security update for go1.16. Announcement ID: openSUSE-SU-2021:2788-1. Rating: moderate. References: 1182345, 1189162. Cross-References: CVE-2021-36221. Affected Products: openSUSE Leap 15.3. An update that solves one vulnerability and has one errata is now available. Description...
Fedora: Security Advisory for kernelshark (FEDORA-2021-4786624190)
The remote host is missing an update for the...
Fedora: Security Advisory for trace-cmd (FEDORA-2021-4786624190)
The remote host is missing an update for the...
[SECURITY] Fedora 33 Update: kernelshark-1.2-5.fc33
KernelShark is a front-end reader of trace-cmd output. "trace-cmd record" and "trace-cmd extract" create a trace.dat (trace-cmd.dat) file. kernelshark can read this file and produce a graph and list view of its data...
The vulnerability of the cmd.php component in the Z-BlogPHP blogging software allows a hacker to redirect users to arbitrary websites and carry out phishing attacks using a specially crafted URL.
The vulnerability of the cmd.php component in the Z-BlogPHP blog software relates to the redirection of URLs to unreliable websites. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary websites and carry out phishing attacks using specially crafted URLs...
Go Ethereum Denial of Service
cmd/evm/runner.go in Go Ethereum (aka geth) allows attackers to cause a denial of service (SEGV) via crafted bytecode. Specific Go Packages Affected: github.com/ethereum/go-ethereum/cmd/evm...
CVE-2020-7869
An improper input validation vulnerability in the ZOOK remote administration tool could allow a remote attacker to create arbitrary files. The ZOOK viewer has the "Tight file CMD" function to create files. An attacker could create and execute arbitrary files in the ZOOK agent program using "Tig...
Input validation
An improper input validation vulnerability in the ZOOK remote administration tool could allow a remote attacker to create arbitrary files. The ZOOK viewer has the "Tight file CMD" function to create files. An attacker could create and execute arbitrary files in the ZOOK agent program using "Tig...
CVE-2020-7869
CVE-2020-7869 affects ZOOK (remote administration tool). The issue is improper input validation in the ZOOK viewer’s Tight File CMD functionality, enabling a remote attacker to create and execute arbitrary files in the ZOOK agent without authority. Documented by multiple sources (NVD, Red Hat, CN...
SharpHook - Tool That Uses Various API Hooks In Order To Give Us The Desired Credentials
SharpHook is inspired by the SharpRDPThief project. It uses various API hooks in order to give us the desired credentials. In the background it uses the EasyHook project. Once the desired process is up and running, SharpHook will automatically inject its dependencies into the target process and...
CVE-2021-35448
Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections...
PT-2024-11346 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A possible buffer overflow in the wl1251 cmd scan function has been resolved. The function calls memcpy without checking the length, which can lead to a buffer overflow. To harden the...
NSClient++ 0.5.2.35 Remote Code Execution Exploit
This Metasploit module allows an attacker with knowledge of the admin password of NSClient++ to start a privileged shell. For this module to work, both the web interface of NSClient++ and the ExternalScripts feature should be enabled. This module requires Metasploit: https://metasploit.com/download Curre...
Remote Command Execution
reg-keygen-git-hash-plugin is vulnerable to remote command execution. An attacker is able to inject and execute arbitrary OS commands via various functions in git-cmd-client.ts...
CVE-2020-18268
Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers to obtain sensitive information via the "redirect" parameter in the component "zbsystem/cmd.php."...
Z-BlogPHP Input Validation Error Vulnerability
Z-BlogPHP is an open source PHP-based blogging system for the Z-blog community. An information disclosure vulnerability exists in Z-BlogPHP, which stems from a configuration error in Open Redirect in Z-BlogPHP v1.5.2 and earlier versions. The vulnerability can be exploited to obtain sensitive...
CentOS 8 : go-toolset:rhel8 (CESA-2021:1746)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1746 advisory. - golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114) - golang: cmd/go: packages using cgo can cause arbitrary code executio...
golang: cmd/go: packages using cgo can cause arbitrary code execution at build time
A flaw was found in golang: cmd/go, in which Go can execute arbitrary commands at build time when cgo is in use on Windows OS. On Linux/Unix, only users who have "." listed explicitly in their PATH variable are affected. The highest threat from this vulnerability is to data confidentiality and...
RHEL 8 : go-toolset:rhel8 (RHSA-2021:1746)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1746 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The following packages have been...
go-toolset:rhel8 security, bug fix, and enhancement update
An update is available for delve, golang, go-toolset. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Go Toolset provides the Go programming language tools and...