A Guide to Phishing Attacks

This is a good list of modern phishing techniques...

Exploit for Cleartext Storage of Sensitive Information in Keepass

CVE-2023-24055 POC and Scanner for CVE-2023-24055 Use at your...

Exploring the Vulnerabilities of Seaport: A Technical Analysis of a Fake Signature Attack on Non-Fungible Tokens

Lines of code Vulnerability details Impact This finding aims to provide a comprehensive analysis of the sc4m trend, which emerged in August 2022, and has since been a prevalent issue in the WEB3 space. Despite efforts to combat this phenomenon, bad actors continue to engage in illicit activities,...

PT-2023-10198 · Foxoverflow · Mysimplifiedsql

Name of the Vulnerable Software and Affected Versions: foxoverflow MySimplifiedSQL affected versions not specified Description: A problematic issue has been found in foxoverflow MySimplifiedSQL, affecting the processing of the file MySimplifiedSQL Examples.php. The manipulation of the...

CVE-2022-48197

Reflected cross-site scripting XSS exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2022-48197

Reflected cross-site scripting XSS exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2022-48197

Reflected cross-site scripting XSS exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

UBUNTU-CVE-2022-48197

Reflected cross-site scripting XSS exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

PT-2023-15613 · Yui2 · Yui2

Name of the Vulnerable Software and Affected Versions: YUI2 affected versions not specified Description: Reflected cross-site scripting XSS exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component, and the YUI Javascript library overall are not affected...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

CVE-2022-1388 Checking and exploit for CVE-2022-1388...

org.apache.hama:hama-examples (>=0.4.0-incubating <=0.7.1), org.apache.hama:hama-graph (>=0.4.0-incubating <=0.7.1) +3 more potentially affected by CVE-2022-45470 via org.apache.hama:hama-core (>=0.4.0-incubating <=0.7.1)

org.apache.hama:hama-core MAVEN version =0.4.0-incubating, =0.4.0-incubating, =0.4.0-incubating, =0.7.0, =0.5.0, =0.7.0, =0.7.1 Source cves: CVE-2022-45470 Source advisory: OSV:GHSA-4WFH-48V4-3R84...

First Review of A Hacker’s Mind

Kirkus reviews A Hackers Mind: A cybersecurity expert examines how the powerful game whatever system is put before them, leaving it to others to cover the cost. Schneier, a professor at Harvard Kennedy School and author of such books as Data and Goliath and Click Here To Kill Everybody, regularly...

GHSA-RC39-G977-687W Use of unclaimed s3 bucket in tests and examples

Impact People who use some older NLP examples that reference the old S3 bucket. Patches The problem has been patched. Upgrade to snapshots for now. A release will be published later to address this due to the vulnerability mostly being examples and 1 class in the actual code base. Workarounds...

Use of unclaimed s3 bucket in tests and examples

Impact People who use some older NLP examples that reference the old S3 bucket. Patches The problem has been patched. Upgrade to snapshots for now. A release will be published later to address this due to the vulnerability mostly being examples and 1 class in the actual code base. Workarounds...

CVE-2022-36022

Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM. Packages org.deeplearning4j:dl4j-examples and org.deeplearning4j:platform-tests through version 1.0.0-M2.1 may use some unclaimed S3 buckets in tests in examples. This is likely affect people who use...

Design/Logic Flaw

Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM. Packages org.deeplearning4j:dl4j-examples and org.deeplearning4j:platform-tests through version 1.0.0-M2.1 may use some unclaimed S3 buckets in tests in examples. This is likely affect people who use...

CVE-2022-36022

CVE-2022-36022 affects Deeplearning4J up to version 1.0.0-M2.1, where certain tests and examples (packages org.deeplearning4j:dl4j-examples and org.deeplearning4j:platform-tests) may reference unclaimed S3 buckets. Root cause: tests and NLP example code referencing old, unowned S3 storage. Report...

CVE-2022-36022 Some Deeplearning4J packages use unclaimed s3 bucket in tests and examples

Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM. Packages org.deeplearning4j:dl4j-examples and org.deeplearning4j:platform-tests through version 1.0.0-M2.1 may use some unclaimed S3 buckets in tests in examples. This is likely affect people who use...

Go Inside Rapid7 MDR: Timelines and Tick Tocks

They say by 2025, half of all businesses will turn to a managed detection and response MDR service. Breaches are called “inevitable” now. And even with a blank check, most companies couldn’t hire their way to tight security: the expertise just isn’t out there. In this new eBook you’ll find real...

Fixed in Apache Tomcat 8.5.82

Low: Apache Tomcat XSS in examples web application CVE-2022-34305 The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. This was fixed with commit 5f6c88b0. This issue was reported to the Apache Tomcat Securit...