ABB Cylon Aspect 3.08.01 Active Debug Data Exposure Vulnerability

ABB Cylon Aspect version 3.08.01 is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information. ABB Cylon Aspect 3.08.01 auth/ Active Debug Code Vulnerability Vendor: ABB Ltd. Product web page:...

ABB Cylon Aspect 3.08.01 Active Debug Data Exposure

ABB Cylon Aspect 3.08.01 auth/ Active Debug Code Vulnerability Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: 3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...

This Week in Spring - October 22nd, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring. I write this to you in an Uber speeding down the autobahn near Frankfurt, Germany. What a time to be alive! At the rate this driver's going, I won't have much time to write this before we've arrived, so let's dive right into...

CVE-2024-49884 ext4: fix slab-use-after-free in ext4_split_extent_at()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4splitextentat We hit the following use-after-free: ================================================================== BUG: KASAN: slab-use-after-free in ext4splitextentat+0xba8/0xcc0 Read of...

CVE-2024-47735

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spinunlockirqrestore called with IRQs enabled Fix missuse of spinlockirq/spinunlockirq when spinlockirqsave/spinlockirqrestore was hold. This was discovered through the lock debugging, and the corresponding log is a...

DEBIAN-CVE-2024-47735

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spinunlockirqrestore called with IRQs enabled Fix missuse of spinlockirq/spinunlockirq when spinlockirqsave/spinlockirqrestore was hold. This was discovered through the lock debugging, and the corresponding log is a...

CVE-2024-47735 RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spinunlockirqrestore called with IRQs enabled Fix missuse of spinlockirq/spinunlockirq when spinlockirqsave/spinlockirqrestore was hold. This was discovered through the lock debugging, and the corresponding log is a...

CVE-2024-47735

CVE-2024-47735 concerns the Linux kernel: RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled and correct misuse of spin_lock_irq()/spin_unlock_irq() when spin_lock_irqsave()/spin_lock_irqrestore() was held. The description and connected docs show the issue originated from lock debugg...

CVE-2024-47735 RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spinunlockirqrestore called with IRQs enabled Fix missuse of spinlockirq/spinunlockirq when spinlockirqsave/spinlockirqrestore was hold. This was discovered through the lock debugging, and the corresponding log is a...

CVE-2024-47735 RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spinunlockirqrestore called with IRQs enabled Fix missuse of spinlockirq/spinunlockirq when spinlockirqsave/spinlockirqrestore was hold. This was discovered through the lock debugging, and the corresponding log is a...

YushuTechUnitreeGo1

Based on the provided code, it appears to be a Windows executable file PE file that contains a malicious payload. The file is encoded with a custom algorithm, making it difficult to analyze without decoding. The code is written in C and uses various techniques to evade detection, including: 1. Co...

Exploit for CVE-2023-22098

CVE-2023-22098 - Oracle VM VirtualBox 7.0.10 r158379 Escape H...

OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation

OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year. This activity encompassed debugging malware, writing articles for websites, generating biographies for...

The vulnerability of the `__dma_entry_alloc_check_leak()` function in the dma-debug component of the Linux operating system allows a attacker to trigger a service failure.

The vulnerability of the dmaentryalloccheckleak function in the dma-debug component of the Linux operating system’s kernel is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...

Exploit for Protection Mechanism Failure in Microsoft

PoC exploit for CVE-2024-30052, a vulnerability in a Windows-bas...

Exploit for Deserialization of Untrusted Data in Givewp

This post is a research article published by EQSTLabhttps://g...

CVE-2024-44540

Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain a privileged command shell via the UART Debugging Port...

CVE-2024-44540

Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain a privileged command shell via the UART Debugging Port...

CVE-2024-44540

Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain a privileged command shell via the UART Debugging Port...

PT-2024-31168 · Ubiquiti · Ubiquiti Airmax

Name of the Vulnerable Software and Affected Versions: Ubiquiti AirMax firmware version 8 Description: The issue allows attackers with physical access to gain a privileged command shell via the UART Debugging Port. This can be exploited by someone with physical access to the device...