2401 matches found
CVE-2022-0721
Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3...
CVE-2022-0721
Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3...
CVE-2022-0721 Insertion of Sensitive Information Into Debugging Code in microweber/microweber
Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3...
CVE-2022-0721 Insertion of Sensitive Information Into Debugging Code in microweber/microweber
Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3...
microweber 安全漏洞
Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A security vulnerability exists in microweber versions prior to 1.3, which stems from th...
New MyloBot Malware Variant Sends Sextortion Emails Demanding $2,732 in Bitcoin
A new version of the MyloBot malware has been observed to deploy malicious payloads that are being used to send sextortion emails demanding victims to pay $2,732 in digital currency. MyloBot, first detected in 2018, is known to feature an array of sophisticated anti-debugging capabilities and...
[SECURITY] Fedora 35 Update: ipython-7.26.0-3.fc35
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
LDAP-Password-Hunter - Password Hunter In The LDAP Infamous Database
It happens that due to legacy services requirements or just bad security practices password are world-readable in the LDAP database by any user who is able to authenticate. LDAP Password Hunter is a tool which wraps features of getTGT.py Impacket and ldapsearch in order to look up for password...
IDACode - An Integration For IDA And VS Code Which Connects Both To Easily Execute And Debug IDAPython Scripts
IDACode makes it easy to execute and debug Python scripts in your IDA environment without leaving Visual Studio Code. The VS Code extension can be found on the marketplace. IDACode is still in a very early state and bugs are to be expected. Please open a new issue if you encounter any issues...
Heaptrace - Helps Visualize Heap Operations For Pwn And Debugging
heaptrace is a heap debugger for tracking glibc heap operations in ELF64 x8664 binaries. Its purpose is to help visualize heap operations when debugging binaries or doing heap pwn. replaces addresses with easy-to-understand symbols detects heap corruption and memory leakage issues can debug in gd...
sos bug fix and enhancement update
The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. Bug Fixes and Enhancements: sosreport should use new AlmaLinux Secure FTP instead of dropbox for...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 toc Vulnerability profile Vulnerabilit...
TrickBot Crashes Security Researchers’ Browsers in Latest Upgrade
Trojan titan TrickBot has added a striking anti-debugging feature that detects security analysis and crashes researcher browsers before its malicious code can be analyzed. The new anti-debugging feature was discovered by Security Intelligence analysts with IBM, who reported the emergence of a...
Cisco StarOS 信息泄露漏洞
Cisco StarOS is a virtualized operating system from Cisco. Cisco StarOS suffers from an information disclosure vulnerability that arises from the debugging service incorrectly listening to and accepting incoming connections. A remote attacker could exploit this vulnerability to gain access to...
WordPress WP Debugging plugin <= 2.11.6 - Arbitrary Plugin Installation from Dependency via Cross-Site Request Forgery (CSRF) vulnerability
Arbitrary Plugin Installation from Dependency via Cross-Site Request Forgery CSRF vulnerability discovered by Jan w Oleju in WordPress WP Debugging plugin versions = 2.11.6. Solution Update the WordPress WP Debugging plugin to the latest available version at least 2.11.7...
WordPress WP Debugging plugin <= 2.11.6 - Arbitrary Plugin Activation vulnerability
Arbitrary Plugin Activation vulnerability discovered by Jan w Oleju in WordPress WP Debugging plugin versions = 2.11.6. Solution Update the WordPress WP Debugging plugin to the latest available version at least 2.11.7...
What is fuzz testing? What is it used to test for?
Fuzz testing, regularly known as fuzzing, is a product testing procedure that incorporates embedding flawed or arbitrary information FUZZ into a product framework to recognize coding issues and security issues. Fuzz testing involves infusing information into a framework utilizing robotized or...
PMAT-labs - Labs For Practical Malware Analysis And Triage
Welcome to the labs for Practical Malware Analysis & Triage. WARNING Read this carefully before proceeding. This repository contains live malware samples for use in the Practical Malware Analysis & Triage course PMAT. These samples are either written to emulate common malware characteristics or a...
Jektor - A Windows User-Mode Shellcode Execution Tool That Demonstrates Various Techniques That Malware Uses
This utility focuses on shellcode injection techniques to demonstrate methods that malware may use to execute shellcode on a victim system Dynamically resolves API functions to evade IAT inclusion Includes usage of undocumented NT Windows API functions Supports local shellcode execution via...
多款Bosch产品安全漏洞
Bosch Access Professional Edition and others are products of Bosch, Germany.Bosch Access Professional Edition is an enterprise access control and security management solution.Bosch VRM is an application.Bosch BVMS is an application... system. A security vulnerability exists in a number of Bosch...