Naabu - A Fast Port Scanner Written In Go With A Focus On Reliability And Simplicity

Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply. Features Fast And Simple SYN/CONNECT probe...

8x8: CVE-2019-11248 on http://█.█.█.█:9100/debug/pprof/goroutine

@mrk0anti reported to us an exposed debugging endpoint /debug/pprof over the unauthenticated Kubelet healthz port 9100. No sensitive information has been disclosed & the affected host belonged to our staging environment. The issue has been rectified...

sos bug fix and enhancement update

The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. Bug Fixes and Enhancements: sos collect fails to get node list from a pacemaker cluster BZ2071695 Tracke...

ALBA-2022:4744 sos bug fix and enhancement update

The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. Bug Fixes and Enhancements: sos collect fails to get node list from a pacemaker cluster BZ2071695 Tracke...

sos bug fix and enhancement update

An update is available for sos. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sos package contains a set of utilities that gather information from system...

Null pointer dereference at chafa-pixops.c:95

Description Null pointer dereference in hpjansson/chafa at chafa-pixops.c:95. Build export CFLAGS="-g -O0 -lpthread -fsanitize=address" export CXXFLAGS="-g -O0 -lpthread -fsanitize=address" export LDFLAGS="-fsanitize=address" ./autogen.sh ./configure --disable-shared make POC ./chafa POC POC ASAN...

[SECURITY] Fedora 36 Update: golang-x-debug-0-0.13.20210123gitc934e1b.fc36

This repository holds utilities and libraries for debugging Go programs...

FirmWire -b Full-System Baseband Firmware Emulation Platform For Fuzzing, Debugging, And Root-Cause Analysis Of Smartphone Baseband Firmwares

FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and debugging of baseband firmware images. See theFirmWire documentation to get started! Experiments & Missing Parts? Upon a vendor's request, the current...

GHSA-MXH8-XGQ9-W782 MoinMoin Insertion of Sensitive Information into Log File

An information leak was discovered in MoinMoin's debug reporting version 1.5.7, which could expose information about the versions of software running on the host system. MoinMoin administrators can add "showtraceback=0" to their site configurations to disable debug tracebacks...

Lupo - Malware IOC Extractor. Debugging Module For Malware Analysis Automation

Debugging module for Malware Analysis Automation For a step by step post on how to use Lupo, with images and instructions, please see this post: https://medium.com/@vishalthakur/lupo-malware-ioc-extractor-cc86ae76b85d Introduction Working on security incidents that involve malware, we come across...

Exploit for Code Injection in Vmware Spring_Framework

It is an exploit module targeting the Apache Log4j vulnerability...

Google Android elevation of privilege vulnerability (CNVD-2022-43231)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from the lack of a warning to the user in the TBD of TBD and can be steered using a hidden debugging policy. An attacker could use...

Metasploit Weekly Wrap-Up

Meterpreter Debugging A consistent message Metasploit hears from users is that debugging and general logging support could be improved. The gaps in functionality make it difficult for users to understand what happens when things go wrong and for new and existing developers to fix bugs and add new...

CVE-2021-39794

In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed...

Design/Logic Flaw

In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed...

CVE-2021-39794

CVE-2021-39794 affects Android 11–12/12L, in the AdbService.java method broadcastPortInfo . The issue is a missing permission check that can allow apps to execute code as the shell user when wireless debugging is enabled, causing local elevation of privilege. Exploitation requires user interactio...

PT-2022-11070

Name of the Vulnerable Software and Affected Versions Android versions Android-11 through Android-12L Description The issue is related to a missing permission check in the broadcastPortInfo of AdbService.java. This could allow apps to run code as the shell user if wireless debugging is enabled,...

PT-2022-13757 · Unknown · Protest Binary

Name of the Vulnerable Software and Affected Versions: protest binary affected versions not specified Description: A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root. The issue is relate...

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

SpringCloud-Gateway Command Execution Vulnerability CVE-2022...

Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums

A previously undocumented "sophisticated" information-stealing malware named BlackGuard is being advertised for sale on Russian underground forums for a monthly subscription of $200. "BlackGuard has the capability to steal all types of information related to Crypto wallets, VPN, Messengers, FTP...