116 matches found
CISA: Chemical Facility Anti-Terrorism Standards (CFATS) Case Study: Strategic and Tactical CFATS Considerations for a Multi-Tenant Dow, DuPont, and Corteva Facility
System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat
CVE-2024-50379 Exploitation and POC This repository contains...
Security Bulletin: NVIDIA Triton Inference Server - September 2024
NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide. Go to NVIDIA...
Exploit for Command Injection in Nikhil-Bhalerao Poultry_Farm_Management_System
PoC exploit for CVE-2024-40110, an arbitrary file upload vulnera...
GHSA-QXRV-GP6X-RC23 SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder
Impact What kind of vulnerability is it? Who is impacted? A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in the Gif decoder. The vulnerability is triggered when ImageSharp attempts to process image files tha...
Summary of "AI Leaders Spill Their Secrets" Webinar
Event Overview The "AI Leaders Spill Their Secrets" webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from...
Citrix Virtual Apps and Desktop - Machine Creation (MCS, PVS, App Layering)
Introduction This article is a summary of the top support articles related to Machine Creation including MCS, PVS and App Layering Top Support Knowledge Content Host Connections and Resource Errors CTX224551 - Delivery Controller cannot contact vCenter server after certificate update on vCenter...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment O...
AI Is Your Coworker Now. Can You Trust It?
Generative AI tools such as OpenAI’s ChatGPT and Microsoft’s Copilot are becoming part of everyday business life. But they come with privacy and security considerations you should know about...
RHEL 8 : developer_environment (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Developer environment: Homoglyph characters can lead to trojan source attack CVE-2021-42694 - An issue wa...
GHSA-G85R-6X2Q-45W7 SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size Value
Impact A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in image decoders. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. This flaw can b...
SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size Value
Impact A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in image decoders. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw. This flaw can b...
Exploit for SQL Injection in Wpdeveloper Notificationx
CVE-2024-1698 Exploit Script - Wordpress NotificationX = 2.8...
HTTP Handling Vulnerability in the Bare server
Impact This vulnerability relates to insecure handling of HTTP requests by the @tomphttp/bare-server-node package. This flaw potentially exposes the users of the package to manipulation of their web traffic. The impact may vary depending on the specific usage of the package but it can potentially...
LightsOut - Generate An Obfuscated DLL That Will Disable AMSI And ETW
LightsOut will generate an obfuscated DLL that will disable AMSI & ETW while trying to evade AV. This is done by randomizing all WinAPI functions used, xor encoding strings, and utilizing basic sandbox checks. Mingw-w64 is used to compile the obfuscated C code into a DLL that can be loaded into a...
November 14, 2023-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 (KB5032343)
November 14, 2023-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 KB5032343 Revised 11/15/23: to remove CVE details which were not affected by the .NET Framework November Security and Quality rollup. Applies to:Microsoft .NET Framework...
Rocky Linux 8 : gcc (RLSA-2021:4587)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4587 advisory. - DISPUTED An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via...
Elevating Data Security: Key Considerations When Transferring Your Digital Workspace
By Owais Sultan Data security is vital for protecting sensitive information and maintaining trust. This is a post from HackRead.com Read the original post: Elevating Data Security: Key Considerations When Transferring Your Digital Workspace...
August 8, 2023-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 (KB5029653)
August 8, 2023-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 KB5029653 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2...
NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing
Today, the National Security Agency NSA and CISA published 5G Network Slicing: Security Considerations for Design, Deployment, and Maintenance. This guidance—created by the Enduring Security Framework ESF, a public-private cross-sector working group led by the NSA and CISA—presents recommendation...