Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE-2024-24919-Sniper !CVE-2024-24919 Sniper Screenshotsni...

Uscrapper - Powerful OSINT Webscraper For Personal Data Collection

Introducing Uscrapper 2.0, A powerfull OSINT webscrapper that allows users to extract various personal information from a website. It leverages web scraping techniques and regular expressions to extract email addresses, social media links, author names, geolocations, phone numbers, and usernames...

Valid8Proxy - Tool Designed For Fetching, Validating, And Storing Working Proxies

Valid8Proxy is a versatile and user-friendly tool designed for fetching, validating, and storing working proxies. Whether you need proxies for web scraping, data anonymization, or testing network security, Valid8Proxy simplifies the process by providing a seamless way to obtain reliable and...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Owncloud Graph_Api

CVE-2023-49103 PoC for the CVE-2023-49103 Overview This Py...

PT-2023-6996 · Siemens · Scalance M812-1 +15

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RM1224 LTE4G EU versions V8.0 RUGGEDCOM RM1224 LTE4G NAM versions V8.0 SCALANCE M804PB versions V8.0 SCALANCE M812-1 ADSL-Router versions V8.0 SCALANCE M816-1 ADSL-Router versions V8.0 SCALANCE M826-2 SHDSL-Router versions V8.0...

AZL-25852 CVE-2023-27537 affecting package mysql for versions less than 8.0.33-1

A double free vulnerability exists in libcurl 8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread...

FindUncommonShares - A Python Equivalent Of PowerView's Invoke-ShareFinder.ps1 Allowing To Quickly Find Uncommon Shares In Vast Windows Domains

The script FindUncommonShares.py is a Python equivalent of PowerView's Invoke-ShareFinder.ps1 allowing to quickly find uncommon shares in vast Windows Active Directory Domains. Features Only requires a low privileges domain user account. Automatically gets the list of all computers from the domai...

ThreatHound - Tool That Help You On Your IR & Threat Hunting And CA

This tool will help you on your IR & Threat Hunting & CA. just drop your event log file and anlayze the results. New Release Features: support windows ThreatHound.exe C for Linux based new vesion available in C also now you can save results in json file or print on screen it as you want by arg...

SUSE CVE-2014-3509

Race condition in the sslparseserverhellotlsext function in t1lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service memory overwrite and client application crash or possibly have...

SUSE CVE-2016-1181

ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service unexpected memory access via a multipart request, a related issue to CVE-2015-0899...

SUSE CVE-2016-8605

The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. Th...

SUSE CVE-2016-8623

A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure...

SUSE CVE-2018-1000030

Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are...

Mozilla: Use-after-free in InputStream implementation

The Mozilla Foundation Security Advisory describes this flaw as: Freeing arbitrary nsIInputStream's on a different thread than creation could have led to a use-after-free and potentially exploitable crash...

BlueSky ransomware incorporates Multithreading to expedite encryption

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary BlueSky ransomware is actively targeting businesses and demanding a ransom. It appears that they have ties with the Conti ransomware group. The malware is now primarily targeting Windows hosts and uses...

Exploit for CVE-2022-21907

CVE-2022-21907 Golang Application by 1vere$k CVE-2022-21907 -...

libvirt: segmentation fault during VM shutdown can lead to vdsm hang

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down...

UBUNTU-CVE-2022-1097

NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird 91.8, Firefox 99, and Firefox ESR 91.8...

Win-Brute-Logon - Crack Any Microsoft Windows Users Password Without Any Privilege (Guest Account Included)

This PoC was ported in pure PowerShell: https://github.com/DarkCoderSc/power-brute-logon Win Brute Logon Proof Of Concept Release date: 2020-05-14 Target: Windows XP to Latest Windows 10 Version 1909 Weakness location : LogonUserA, LogonUserW, CreateProcessWithLogonA, CreateProcessWithLogonW Usag...

Ipsourcebypass - This Python Script Can Be Used To Bypass IP Source Restrictions Using HTTP Headers

This Python script can be used to bypass IP source restrictions using HTTP headers. Features 17 HTTP headers. Multithreading. JSON export with --json outputfile.json. Auto-detecting most successfull bypasses. Usage $ ./ipsourcebypass.py -h IP source bypass using HTTP headers, v1.1 usage:...