PT-2025-18864 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A vulnerability has been resolved in the Linux kernel. The issue was found by Syzbot and is related to the ext4 file system. Specifically, it concerns the ext4 update inline data...

Malicious NuGet Packages Caught Distributing SeroXen RAT Malware

Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method for malware deployment. Software supply chain security firm ReversingLabs described the campaign as coordinated and ongoing since August 1, 2023, while linki...

Failure to Return Value from Low-Level Call

Lines of code Vulnerability details In Solidity, the "low-level call" operation, often used with inline assembly, is a powerful tool for interacting with external contracts. However, there is a specific bug related to low-level calls that can result in unexpected behavior. Instances 1: File:...

Tiny_Tracer - A Pin Tool For Tracing API Calls Etc

A Pin Tool for tracing: API calls, including parameters of selected functions selected instructions: RDTSC, CPUID, INT inline system calls, including parameters of selected syscalls transition between sections of the traced module helpful in finding OEP of the packed module Bypasses the...

Code injection

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 24.0.4 and prior to versions 25.0.9, 26.0.4, and 27.0.1, when a folder with images or an image was shared without download permissions, the user could add the image inline into a text file and...

PT-2023-27175 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 24.0.4 through 25.0.8 Nextcloud Server versions 26.0.0 through 26.0.3 Nextcloud Server versions 27.0.0 through 27.0.0 Description: Nextcloud Server provides data storage for Nextcloud, an open source cloud platform...

CVE-2023-36830

SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the librarypath config value to allow arbitrary python code to be executed via macros. For many users wh...

HTTPS Fetch, Linux Meterpreter Service, Reverse TCP Inline

Fetch and execute an x86 payload from an HTTPS server. Stub payload for interacting with a Meterpreter Service Module Options msf use payload/cmd/linux/https/x86/metsvcreversetcp msf payloadmetsvcreversetcp show actions ...actions... msf payloadmetsvcreversetcp set ACTION msf...

HTTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute a x86 payload from an HTTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/http/x86/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show...

HTTP Fetch, Linux Command Shell, Reverse TCP Inline (IPv6)

Fetch and execute a x86 payload from an HTTP server. Connect back to attacker and spawn a command shell over IPv6 Module Options msf use payload/cmd/linux/http/x86/shellreversetcpipv6 msf payloadshellreversetcpipv6 show actions ...actions... msf payloadshellreversetcpipv6 set ACTION msf...

TFTP Fetch, Linux Meterpreter Service, Reverse TCP Inline

Fetch and execute a x86 payload from a TFTP server. Stub payload for interacting with a Meterpreter Service Module Options msf use payload/cmd/linux/tftp/x86/metsvcreversetcp msf payloadmetsvcreversetcp show actions ...actions... msf payloadmetsvcreversetcp set ACTION msf payloadmetsvcreversetcp...

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute a x86 payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/x86/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show...

Debian: Security Advisory (DLA-3451-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross site scripting

Pydio Cells through 4.1.2 allows XSS. Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript 1. The secrets used to sign these URLs are hardcoded and exposed through the JavaScript files of the web application. Therefore, it i...

TFTP Fetch, Windows Meterpreter Shell, Bind TCP Inline (x64)

Fetch and execute an x64 payload from a TFTP server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/tftp/x64/meterpreterbindtcp msf payloadmeterpreterbindtcp show actions ...actions... msf payloadmeterpreterbindtcp set...

HTTPS Fetch, Windows Meterpreter Shell, Reverse TCP Inline (IPv6) (x64)

Fetch and execute an x64 payload from an HTTPS server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/https/x64/meterpreterreverseipv6tcp msf payloadmeterpreterreverseipv6tcp show actions ...actions... msf...

HTTPS Fetch, Windows Meterpreter Shell, Reverse TCP Inline x64

Fetch and execute an x64 payload from an HTTPS server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/https/x64/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf...

HTTP Fetch, Windows Meterpreter Shell, Bind TCP Inline (x64)

Fetch and execute an x64 payload from an HTTP server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/http/x64/meterpreterbindtcp msf payloadmeterpreterbindtcp show actions ...actions... msf payloadmeterpreterbindtcp se...

HTTP Fetch, Windows Meterpreter Shell, Reverse HTTPS Inline (x64)

Fetch and execute an x64 payload from an HTTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/http/x64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf...

CVE-2023-33287

A stored cross-site scripting XSS vulnerability in the Inline Table Editing application before 3.8.0 for Confluence allows attackers to store and execute arbitrary JavaScript via a crafted payload injected into the tables...