EUVD-2025-198297

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./nodemodules pointing to /nodemodules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview checkov is an Infrastructure as code static analysis Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere when cloning external modules from private registries. An attacker can obtain sensitive access keys by...

UBUNTU-CVE-2023-30581

The use of proto in process.mainModule.proto.require can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20. Please note that at the time...

nodejs: Permissions policies can be bypassed via Module._load

A vulnerability was found in NodeJS. This security issue occurs as the use of Module.load can bypass the policy mechanism and require modules outside of the policy.json definition for a given module...

PackageDNA - Tool To Analyze Software Packages Of Different Programming Languages That Are Being Or Will Be Used In Their Codes

This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes. secure development, i...

Metasploit Wrap-Up

MicroFocus? More like MacroVuln MicroFocus’s Operations Bridge Manager is a security information and event management SIEM tool designed to collect and parse security logs from multiple disparate sources. OBM has a large attack surface—something Pedro Ribeiro was able to take advantage of with hi...

CVE-2019-9042

An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The...

CVE-2019-9042

An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The...

CVE-2019-9042

An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The...

CVE-2019-9042

An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The...

UBUNTU-CVE-2017-3167

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the apgetbasicauthpw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed...

MGASA-2017-0068 Updated firebird packages fix security vulnerability

A serious security problem existed with the access to undesired external modules, even if 'Restrict' configuration mode was specified for UdfAccess CORE-5474...

Updated firebird packages fix security vulnerability

A serious security problem existed with the access to undesired external modules, even if 'Restrict' configuration mode was specified for UdfAccess CORE-5474...

[FruityWifi v1.6] the Wireless Network Auditing Tool

FruityWifi is a wireless network auditing tool based in the Wifi Pineapple idea. The application can be installed in any Debian based system. Tested in Debian, Kali Linux, Kali Linux ARM Raspberry Pi, Raspbian Raspberry Pi, Pwnpi Raspberry Pi. With the new version, it is possible to install...