Joern 4.0.528

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

[SECURITY] Fedora 44 Update: valkey-9.0.3-1.fc44

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

[SECURITY] Fedora 41 Update: valkey-8.0.6-1.fc41

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

EUVD-2020-2946

Malware in sbrugna...

Binary Vulnerability in Unisys UOS Desktop Professional Edition by Unisys Software Technology Co.

Unisys UOS Desktop Professional Edition is a commercial desktop operating system based on Linux kernel, which supports all CPU architectures including AMD64, ARM64, LoongArch64, SW64 and other mainstream architectures, and is suitable for domestic CPU platforms e.g., Haikuang, Zhaoshen, etc.. The...

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

The threat actors behind the Darcula phishing-as-a-service PhaaS platform have released new updates to their cybercrime suite with generative artificial intelligence GenAI capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to...

[SECURITY] Fedora 37 Update: phpMyAdmin-5.2.1-1.fc37

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats and i...

TeaBot Trojan Targets Banks via Hijacked Android Handsets

Researchers have discovered an Android trojan that can steal victims’ SMS messages and credentials and completely take over devices. The trojan, dubbed TeaBot, is aimed at committing fraud against at least 60 banks in Europe. Join Threatpost for “Fortifying Your Business Against Ransomware, DDoS ...

MetInfo suffers from a command execution vulnerability (CNVD-2021-29218)

MetInfo is a multi-language, full-featured, secure and stable, multi-terminal display and support for visual editing, easy to use enterprise station software. MetInfo has a command execution vulnerability that can be exploited by attackers to gain control of the server...

SQL injection vulnerability in SongCMS PHP version (CNVD-2021-28484)

SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. SongCMS PHP version suffers from a SQL injection vulnerability, which can be exploited b...

Arbitrary File Read Vulnerability in SongCMS

SongCMS is a free and open source CMS based on PHP+MySQL, ASP+Access/SQL Server development, enterprise-oriented, multi-language support. SSongCMS arbitrary file reading vulnerability , an attacker can use the vulnerability to read the site source code , any file...

SQL Injection Vulnerability in SongCMS

SongCMS is a PHP+MySQL, ASP+Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users quickly build and deploy enterprise-level portals. SongCMS suffers from SQL injection vulnerability. An attacker can exploit the vulnerability...

Pwndoc - Pentest Report Generator

PwnDoc is a pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report. The main goal is to have more time to Pwn and less time to Doc by mutualizing data like vulnerabilities between users. Documentation Installation Data Vulnerabilitie...

BEESCMS suffers from SQL injection vulnerability (CNVD-2020-48932)

BEESCMS adopts PHP+MYSQL, featuring multi-language system and easy expansion of content modules. BEESCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

File Deletion Vulnerability in SongCMS PHP Version

SongCMS is a PHP MySQL, ASP Access/SQL Server based development , enterprise-oriented , multi-language support , free , open source CMS, to help business users to quickly build and deploy enterprise-level portal . SongCMS arbitrary file deletion vulnerability , an attacker can exploit the...

Chadha Software Technologies PHPKB Standard Multi-Language Cross-Site Request Forgery Vulnerability (CNVD-2020-17149)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A cross-site request forgery vulnerability exists in Chadha Software Technologies PHPKB Standard Multi-Language. The vulnerability...

File Upload Vulnerability in Acme CMS

Acme CMS is a CMS builder using PHP + Mysql architecture, multi-language, responsive display, suitable for personal website construction. Acme CMS has a file upload vulnerability that can be exploited by attackers to gain server privileges...

[SECURITY] Fedora 30 Update: python-notebook-5.7.8-1.fc30

The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...

phpMussel - PHP-based Anti-Virus Anti-Trojan Anti-Malware Solution

phpMussel is an ideal solution for shared hosting environments, where it's often not possible to utilize or install conventional anti-virus protection solutions, phpMussel is a PHP script designed to detect trojans, viruses,malware and other threats within files uploaded to your system wherever t...

Securely and Anonymously Send and Receive Files: OnionShare

OnionShare is an open source tool for securely and anonymously sending and receiving files using Tor onion services. It works by starting a web server directly on your computer and making it accessible as an unguessable Tor web address that others can load in Tor Browser to download files from yo...