GHSA-M5P4-GVPX-4MVR GuardDog: Unsanitized human-readable scan output allows terminal escape injection from malicious package content

Summary GuardDog includes attacker-controlled filenames, file locations, messages, and code snippets in its default human-readable output without escaping terminal control characters. A malicious package can therefore inject ANSI or OSC escape sequences into analyst terminals or CI logs...

Large Language Model-Based Framework for Explainable Cyberattack Detection in Automatic Generation Control Systems

The increasing digitization of smart grids has improved operational efficiency but also introduced new cybersecurity vulnerabilities, such as False Data Injection Attacks FDIAs targeting Automatic Generation Control AGC systems. While machine learning ML and deep learning DL models have shown...

[SECURITY] Fedora 39 Update: rust-pretty-bytes-0.2.0-6.fc39

Convert bytes to a human readable string...

Fedora: Security Advisory for rust-pretty-bytes (FEDORA-2024-ce2936b568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: rust-pretty-bytes-0.2.0-6.fc40

Convert bytes to a human readable string...

CVE-2024-25107 Cross-Site Scripting in WikiDiscover

WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the Language::date function is used when making the human-readable timestamp for inclusion on the wikicreation column. This function uses interface messages to translate the nam...

OPENSUSE-SU-2021:2682-1 Security update for rpm

This update for rpm fixes the following issues: - Changed default package verification level to 'none' to be compatible to rpm-4.14.1 - Made illegal obsoletes a warning - Fixed a potential access of freed mem in ndb's glue code bsc1179416 - Added support for enforcing signature policy and payload...

Airshare - Cross-platform Content Sharing In A Local Network

Airshare is a Python-based CLI tool and module that lets you transfer data between two machines in a local network, P2P, using Multicast-DNS. It also opens an HTTP gateway for other non-CLI external interfaces. It works completely offline! Built with aiohttp and zeroconf. Checkout the demo...

Information Disclosure

apollo-server-cloudflare is vulnerable to information leakage. Lack of validation rules enforcement during the subscription server creation with NoInstrospection rule for websockets exposes GraphQL schema types, their relations, human-readable names and many More information on the references...

Information Exposure

Overview Versions of apollo-server-hapi prior to 2.14.2 are vulnerable to Information Exposure. The package does not properly enforce validation rules when creating subscription servers, which includes a NoInstrospection rule for the Websocket. This leaks the GraphQL schema types, their relations...

Information Exposure

Overview Versions of apollo-server-cloud-functions prior to 2.14.2 are vulnerable to Information Exposure. The package does not properly enforce validation rules when creating subscription servers, which includes a NoInstrospection rule for the Websocket. This leaks the GraphQL schema types, thei...

Product update: Virtuozzo PowerPanel Update 1 Hotfix 1 (7.0.4-39)

The update for Virtuozzo PowerPanel introduces stability and usability fixes. Vulnerability id: PP-643 Attach and detach backup tasks missing or undefined in the task log. Vulnerability id: PP-642 The 'vzapi-api' package not updated on the controller when upgrading PowerPanel. Vulnerability id:...

The power of Wallarm search engine

In this article I would like to show and explain my personal use cases of the Wallarm search engine. The cool thing about it is human readable search with intuitive commands. Just look at this search command before we start: attacks incidents vulns today RCE 502 For a security engineer looking at...

The power of Wallarm search engine

In this article I would like to show and explain my personal use cases of the Wallarm search engine. The cool thing about it is human readable search with intuitive commands. Just look at this search command before we start: attacks incidents vulns today RCE 502 For a security engineer looking at...

[SECURITY] Fedora 24 Update: diffoscope-77-1.fc24

diffoscope will try to get to the bottom of what makes files or directories different. It will recursively unpack archives of many kinds and transform various binary formats into more human readable form to compare them. It can compare two tarballs, ISO images, or PDF just as easily. The...

Command Line Certificate Examination Utility: certigo

Command Line Certificate Examination Utility Certigo is a utility to examine and validate certificates in a variety of formats. Install To install certigo, simply use: go get -u github.com/square/certigo Note that certigo requires Go 1.6 or later to build. Usage Certigo can read...

SNMPCheck - Enumerate the SNMP devices

Like to snmpwalk, snmpcheck allows you to enumerate the SNMP devices and places the output in a very human readable friendly format. It could be useful for penetration testing or systems monitoring. Distributed under GPL license and based on "Athena-2k" script by jshaw. Features snmpcheck support...

Scientific Linux Security Update : gfs2-utils on SL5.x i386/x86_64

Multiple insecure temporary file use flaws were discovered in GFS2 user level utilities. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities typically root with the output of the utilities via a symbolic link attack. CVE-2008-6552 Thi...

Nmap NSE net: nfs-ls

Attempts to get useful information about files from NFS exports. The output is intended to resemble the output of 'ls'. The script starts by enumerating and mounting the remote NFS exports. After that it performs an NFS GETATTR procedure call for each mounted point in order to get its ACLs. For...

nfs-statfs NSE Script

Retrieves disk space statistics and information from a remote NFS share. The output is intended to resemble the output of df. The script will provide pathconf information of the remote NFS if the version used is NFSv3. Script Arguments nfs-statfs.human If set to 1 or true, shows file sizes in a...