ASB-A-205836329

In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed...

WordPress plugin Translate WordPress with GTranslate 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Translate WordPress with GTranslate plugin version 2.9.9 is vulnerable to cross-site request forgery. The vulnerability...

CVE-2022-25481

ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php. NOTE: this is disputed by a third party because system environment exposure is an intended feature of the debugging mode...

PT-2022-17318

Name of the Vulnerable Software and Affected Versions: ThinkPHP Framework version 5.0.24 Description: The ThinkPHP Framework was discovered to be configured without the PATHINFO parameter, allowing attackers to access all system environment parameters from index.php. It is noted that this issue i...

Exploit for Improper Initialization in Linux Linux_Kernel

CVE-2022-0847 Dirty Pipe linux kernel lifting analysis toc...

Intel Trace Hub 安全漏洞

The Intel Trace Hub is a set of hardware modules from Intel Corporation. It is designed to perform full-system debugging by generating, switching, and outputting trace data from multiple hardware and software sources through multiple trace output ports encoded in the System Trace Protocol MIPI...

Microsoft Windows Privilege Escalation Vulnerability

smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges...

Insertion of Sensitive Information Into Debugging Code in Microweber

Microweber prior to 1.3 may expose sensitive information about a server and a user when running the server in debug mode...

GHSA-MJVC-J6RV-9XJ8 Insertion of Sensitive Information Into Debugging Code in Microweber

Microweber prior to 1.3 may expose sensitive information about a server and a user when running the server in debug mode...

CVE-2022-0721

Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3...

CVE-2022-0721 Insertion of Sensitive Information Into Debugging Code in microweber/microweber

Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3...

CVE-2022-0721 Insertion of Sensitive Information Into Debugging Code in microweber/microweber

Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3...

microweber 安全漏洞

Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A security vulnerability exists in microweber versions prior to 1.3, which stems from th...

New MyloBot Malware Variant Sends Sextortion Emails Demanding $2,732 in Bitcoin

A new version of the MyloBot malware has been observed to deploy malicious payloads that are being used to send sextortion emails demanding victims to pay $2,732 in digital currency. MyloBot, first detected in 2018, is known to feature an array of sophisticated anti-debugging capabilities and...

[SECURITY] Fedora 35 Update: ipython-7.26.0-3.fc35

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

LDAP-Password-Hunter - Password Hunter In The LDAP Infamous Database

It happens that due to legacy services requirements or just bad security practices password are world-readable in the LDAP database by any user who is able to authenticate. LDAP Password Hunter is a tool which wraps features of getTGT.py Impacket and ldapsearch in order to look up for password...

IDACode - An Integration For IDA And VS Code Which Connects Both To Easily Execute And Debug IDAPython Scripts

IDACode makes it easy to execute and debug Python scripts in your IDA environment without leaving Visual Studio Code. The VS Code extension can be found on the marketplace. IDACode is still in a very early state and bugs are to be expected. Please open a new issue if you encounter any issues...

Heaptrace - Helps Visualize Heap Operations For Pwn And Debugging

heaptrace is a heap debugger for tracking glibc heap operations in ELF64 x8664 binaries. Its purpose is to help visualize heap operations when debugging binaries or doing heap pwn. replaces addresses with easy-to-understand symbols detects heap corruption and memory leakage issues can debug in gd...

sos bug fix and enhancement update

The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. Bug Fixes and Enhancements: sosreport should use new AlmaLinux Secure FTP instead of dropbox for...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 toc Vulnerability profile Vulnerabilit...