2334 matches found
strace bug fix and enhancement update
An update is available for strace. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The strace utility intercepts and records the system calls that are made and...
PS2EXE - Module To Compile Powershell Scripts To Executables
Overworking of the great script of Ingo Karstein with GUI support. The GUI output and input is activated with one switch, real windows executables are generated. With Powershell 5.x support and graphical front end. Module version. You find the script based version here...
Denial Of Service (DoS)
chromium:edge is vulnerable to denial of service. Inappropriate implementation in DevTools in Google Chrome allowed a remote attacker who had convinced the user to use Chrome headless with remote debugging to execute arbitrary code via a crafted HTML page...
Ligolo-Ng - An Advanced, Yet Simple, Tunneling/Pivoting Tool That Uses A TUN Interface
An advanced, yet simple, tunneling tool that uses a TUN interface. by TNP IT Security Introduction Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection without the need of SOCKS. Features Tun interface No more SOCKS! Simpl...
How to debug and resolve ADM-HA DB Streaming broken issues
...
Exploit for Code Injection in Elastic Kibana
CVE-2019-7609 Kibana versions before 5.6.15 and 6.6.1 contain...
Shoutcast Server 2.6.0.753 Crash Vulnerability
Shoutcast server version 2.6.0.753 suffers from a remote authenticated crash vulnerability. Shoutcast Server Remote Authenticated Crash ===== Intro ===== Shoutcast Server crashes after failing to handle a non-existent option received from a client in an ADMINCGI request. Requires auth to reproduc...
Shoutcast Server 2.6.0.753 Crash
Shoutcast Server Remote Authenticated Crash ===== Intro ===== Shoutcast Server crashes after failing to handle a non-existent option received from a client in an ADMINCGI request. Requires auth to reproduce, so not super exciting but Shoutcast is an old favorite and the minimization of the repro ...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 Introduction This repository was created f...
WordPress Sites Abused in Aggah Spear-Phishing Campaign
Threat actors are using compromised WordPress websites to target manufacturers across Asia with a new spear-phishing campaign that delivers the Warzone RAT, a commodity infostealer available widely for purchase on criminal forums, researchers have found. The threat group Aggah, believed to be...
Chikitsa 2.0.0 Cross Site Scripting
Exploit Title: XSS-Stored - Brutal PWNED on Chikitsa 2.0.0 parameter "firstname" Author: nu11secur1ty Testing and Debugging: nu11secur1ty $ g3ck0dr1v3r Date: 08.09.2021 Vendor: https://chikitsa.net/ Link: https://sourceforge.net/projects/chikitsa/ CVE: CVE-2021-38152 + Exploit Source:...
systemtap bug fix and enhancement update
SystemTap is an instrumentation system for systems running the Linux kernel, which allows developers to write scripts to collect data on the operation of the system. Bug Fixes and Enhancements: kernel panic at stpbuildidcheck.constprop.65+0x1c7 with centos debuginfo when stap runs BZ1966742...
IBM Security Access Manager Debugging Information Disclosure Vulnerability
IBM Security Access Manager is an application for information security management from IBM Corporation in the United States. The product enables access management control through integrated Web, mobile, and cloud-oriented devices. IBM Security Access Manager Docker is vulnerable to a debugging...
Exploit for CVE-2021-1675
CVE-2021-1675-LPE-EXP Simple LPE Exploit of CVE-2021-1675...
GSD-2021-1001028 btrfs: promote debugging asserts to full-fledged checks in validate_super
btrfs: promote debugging asserts to full-fledged checks in validate_super This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.11 by commit...
UVI-2021-1001028 btrfs: promote debugging asserts to full-fledged checks in validate_super
btrfs: promote debugging asserts to full-fledged checks in validate_super This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.11 by commit...
UVI-2021-1000951 btrfs: promote debugging asserts to full-fledged checks in validate_super
btrfs: promote debugging asserts to full-fledged checks in validate_super This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.44 by commit...
GSD-2021-1000951 btrfs: promote debugging asserts to full-fledged checks in validate_super
btrfs: promote debugging asserts to full-fledged checks in validate_super This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.44 by commit...
GSD-2021-1000896 btrfs: promote debugging asserts to full-fledged checks in validate_super
btrfs: promote debugging asserts to full-fledged checks in validate_super This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.126 by commit...
UVI-2021-1000896 btrfs: promote debugging asserts to full-fledged checks in validate_super
btrfs: promote debugging asserts to full-fledged checks in validate_super This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.126 by commit...