PUB-A-345848543

In TBD of TBD, there is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

SonicWALL SSL-VPN Format String

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SonicWALL SSL-VPN Format String Vulnerability', 'Description' = %q There is a format string vulnerability within the SonicWALL SSL-VPN Appliance ...

Chargen Probe Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chargen Probe Utility', 'Description' = %q Chargen is a debugging and measurement tool and a character generator service. A character generator...

CVE-2024-43444

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

UBUNTU-CVE-2024-43444

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

CVE-2024-43444 Passwords are written to Admin Log Module

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

PT-2024-5942 · Otrs · Otrs

Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.50 OTRS version 8.0.X OTRS version 2023.X OTRS versions 2024.X through 2024.5.X OTRS Community Edition version 6.0.x Description: The issue is related to the OTRS admin log module, where passwords of agents and...

CVE-2024-31799

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port...

CVE-2024-31800

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port...

CVE-2024-31799

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port...

CVE-2024-31799

CVE-2024-31799 affects GNCC’s GC2 Indoor Security Camera 1080P. The flaw: an attacker with physical access can read the WiFi passphrase through the UART Debug Port, exposing sensitive network credentials via direct hardware access. The underlying cause is information disclosure via an accessible ...

CVE-2024-31800

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port...

CVE-2024-31800

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port...

CVE-2024-31799

Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port...

CVE-2024-31800

The CVE-2024-31800 entry concerns the GNCC GC2 Indoor Security Camera 1080P. Affected component: the device’s UART Debugging Port enables an authentication bypass, allowing a physically present attacker to obtain a privileged command shell. Documented impact includes high confidentiality, integri...

AMD Graphics Driver 安全漏洞

AMD Graphics Driver is an integrated graphics driver from UltraMicroelectronics AMD. A security vulnerability exists in AMD Graphics Driver, which stems from a hard-coded AES key that could cause a privileged attacker to gain access to the key, leading to the disclosure of internal debugging...

New Android Spyware LianSpy Evades Detection Using Yandex Cloud

Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control C2...

SUSE CVE-2024-42127

In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt handlers must be prepared to be called at any time. At driver removal time, the clocks are disabled early and the interrupts stay...

Exploit for Special Element Injection in Google Android

CVE 2024 0044 CVE-2024-0044, identified in the createSessionI...

Exploit for Race Condition in Openbsd Openssh

CVE-2024-6387 regreSSHion Proof of concept python script for...