Mythos

Mythos Autonomous cybersecurity agent that connects to multip...

CVE-2019-16214

Libra Core before 2019-09-03 has an erroneous regular expression for inline comments, which makes it easier for attackers to interfere with code auditing by using a nonstandard line-break character for a comment. For example, a Move module author can enter the // sequence which introduces a...

EUVD-2019-7026

Malware in sbrugna...

Generative AI for Vulnerability Detection in 6G Wireless Networks: Advances, Case Study, and Future Directions

The rapid advancement of 6G wireless networks, IoT, and edge computing has significantly expanded the cyberattack surface, necessitating more intelligent and adaptive vulnerability detection mechanisms. Traditional security methods, while foundational, struggle with zero-day exploits, adversarial...

PT-2024-18402 · WordPress · The Event Monster

Name of the Vulnerable Software and Affected Versions: The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress versions up to, and including, 1.3.4 Description: The issue concerns a PHP Object Injection vulnerability via deserialization of untrusted input from a...

Potential XSS in content script via StackOverflow about_me

Description Alby has a feature called "batteries", which makes tipping on third party sites easier, e.g. by detecting lightning network addresses and so donating using the extensions becomes easy. One of those sites is stackoverflow. The alby extension will use the stackoverflow/stackexchange API...

Last Years Open Source - Tomorrow's Vulnerabilities

Linus Torvalds, the creator of Linux and Git, has his own law in software development, and it goes like this: "given enough eyeballs, all bugs are shallow." This phrase puts the finger on the very principle of open source: the more, the merrier - if the code is easily available for anyone and...

Aura - Python Source Code Auditing And Static Analysis On A Large Scale

Source code auditing and static code analysis Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code published on PyPI. Project goals: provide an automated monitoring system over uploaded packages to PyPI, alert on...

Exploit for CVE-2021-28476

CVE-2021-28476: Hyper-V vmswitch.sys arbitrary pointer derefer...

Protecting today’s web applications requires more than a firewall

The way organizations build web applications has changed dramatically over the last several years. As a result, many organizations are considering additional security strategies to augment the Web Application Firewall WAF on which they have relied to protect critical digital business operations...

CVE-2019-16214

Libra Core before 2019-09-03 has an erroneous regular expression for inline comments, which makes it easier for attackers to interfere with code auditing by using a nonstandard line-break character for a comment. For example, a Move module author can enter the // sequence which introduces a...

CVE-2019-16214

Libra Core before 2019-09-03 has an erroneous regular expression for inline comments, which makes it easier for attackers to interfere with code auditing by using a nonstandard line-break character for a comment. For example, a Move module author can enter the // sequence which introduces a...

CVE-2019-16214

CVE-2019-16214 affects Libra Core prior to 2019-09-03, where an erroneous regular expression for inline comments lets a nonstandard line-break character (\r) appear to terminate a comment in audits, potentially misleading readers about code execution. The Move module author could place // followe...

CVE-2019-9676

Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker lo...

miniweb 0.8.19 Multiple Vulnerabilities

No description provided by source. MiniWeb Multiple Vulnerabilities Introduction MiniWeb is a mini HTTP server implementation written in C language, featuring low system resource consumption, high efficiency, good flexibility and high portability. It is capable to serve multiple clients with a...

Metasploit Modules Available for Seven Open Source Packages

Open source projects with anywhere between 100,000 and 1 million downloads are pretty sizable endeavors, and with the code open for scrutiny, you would think bugs would be found and some sort of disclosure process would be in place. If a spate of recently discovered issues in seven popular softwa...

About the PHP code auditing and vulnerability digging a little thought-vulnerability warning-the black bar safety net

Here is the PHP code auditing and vulnerability discovery the idea to do a bit summary, is a personal point of view, there is something wrong place please point out. PHP vulnerabilities in a large part is from the programmer's own lack of experience, of course, and server configuration related, b...

Finecms1. 7 3 The code of audit summary of the defect packaged and fixed-vulnerability warning-the black bar safety net

FineCMS is a paragraph based on PHP+MySql development of content management system, using the MVC design pattern to implement business logic with the presentation layer of the appropriate separation, so that web designers can easily design the ideal template, plug-in development features...

Zcncms1. 2. 8 Code of audit the summary file contains vulnerability and remediation-vulnerability and early warning-the black bar safety net

Prior to a introduction: zcncms is a webmaster of China based on php technology development of the content management system that provides content editing, keyword management, advertising management, link management module and a model, the program design is very concise and focus on the secondary...

MetInfo m topology enterprise website management system 5. 0. 2 code auditing exploit and repair summary-vulnerability warning-the black bar safety net

MetInfo enterprise website management system using PHP+Mysql schema, full Station built-in SEO search engine optimization mechanism, support user since defined interface languageglobal various language, has enterprise website common of module features corporate profile module, news module, produc...