348 matches found
RHEL 9 : java-1.8.0-openjdk (RHSA-2023:0209)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0209 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
Oracle MySQL 安全漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server version 8.0.31 and prior versions. An attacker with elevated privileges who accesses the network via multiple protocols can compromise MySQL Server...
Oracle MySQL 安全漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server version 8.0.31 and prior versions. An attacker with elevated privileges who accesses the network via multiple protocols can compromise MySQL Server...
Oracle MySQL 安全漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server version 8.0.31 and prior versions. An attacker with elevated privileges who accesses the network via multiple protocols can compromise MySQL Server...
Oracle MySQL Server 安全漏洞
Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server version 8.0.31 and prior versions. An attacker with elevated privileges could compromise MySQL Server by accessing the network via multiple protocols...
Oracle MySQL 安全漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server version 8.0.30 and prior versions. An attacker with elevated privileges who accesses the network via multiple protocols can compromise MySQL Server...
NetLlix - A Project Created With An Aim To Emulate And Test Exfiltration Of Data Over Different Network Protocols
A project created with an aim to emulate and test exfiltration of data over different network protocols. The emulation is performed w/o the usage of native API's. This will help blue teams write correlation rules to detect any type of C2 communication or data exfiltration. Currently, this project...
[SECURITY] Fedora 36 Update: wireshark-3.6.10-1.fc36
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
Oracle MySQL 安全漏洞
Oracle MySQL Server is a relational database from Oracle Corporation USA. A denial-of-service vulnerability exists in the Oracle MySQL Server InnoDB component. An attacker can exploit the vulnerability to access the network via multiple protocols, which can compromise MySQL Server and cause MySQL...
Oracle MySQL 安全漏洞
Oracle MySQL Server is a relational database from Oracle Corporation USA. A denial-of-service vulnerability exists in the Server: Connection Handling component of Oracle MySQL Server. An attacker can exploit the vulnerability to access the network via multiple protocols, which can compromise MySQ...
Security Bulletin: TRIRIGA Application Platform Open Redirect Vulnerabilities. (CVE-2014-8894)
Abstract IBM TRIRIGA Application Platform could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. By sending a specially crafted URL, an attacker could exploit this vulnerability using the out parameter to redirect a victim to arbitrary Web sites...
Security Bulletin: TRIRIGA Application Platform Authorization Bypass Vulnerability (CVE-2014-8895)
Abstract IBM TRIRIGA Application Platform could allow a remote attacker to view image files uploaded by other users through the use of a specially crafted URL. Content Vulnerability Details CVEID:CVE-2014-8895 CVSS Base Score: 4.30 CVSS Temporal Score: See...
mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
Exploit for Path Traversal in Secureauth Impacket
Impacket ======== !Latest Versionhttps://img.shields.io/pyp...
Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks
Microsoft has observed the Sliver command-and-control C2 framework now being adopted and integrated in intrusion campaigns by nation-state threat actors, cybercrime groups directly supporting ransomware and extortion, and other threat actors to evade detection. We’ve seen these actors use Sliver...
Ubuntu 16.04 ESM : Linux kernel (Azure) vulnerabilities (USN-5541-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5541-1 advisory. Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some...
USN-5541-1: Linux kernel (Azure) vulnerabilities
Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. CVE-2021-4197 Jann Horn discovered that the FUSE file system i...
The vulnerability of the Remote Administration Daemon component for operating systems based on Oracle Solaris allows a hacker to trigger a maintenance failure.
The vulnerability of the Remote Administration Daemon component for operating systems based on Oracle Solaris is related to errors in resource release. Exploiting this vulnerability could allow a malicious actor to cause service interruptions through various network protocols...