ROOT-OS-DEBIAN-11-CVE-2024-42230 CVE-2024-42230 in rootio-linux - Patched by Root

Root has patched CVE-2024-42230 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

EUVD-2026-5682

Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure...

XSS-FINDER

usage python xssscanner.py ╔═════════════════════════════════...

EUVD-2018-13173

Malware in sbrugna...

CVE-2025-10994

A weakness has been identified in Open Babel up to 3.1.1. This affects the function GAMESSOutputFormat::ReadMolecule of the file gamessformat.cpp. This manipulation causes use after free. It is possible to launch the attack on the local host. The exploit has been made available to the public and...

UBUNTU-CVE-2025-10994

A weakness has been identified in Open Babel up to 3.1.1. This affects the function GAMESSOutputFormat::ReadMolecule of the file gamessformat.cpp. This manipulation causes use after free. It is possible to launch the attack on the local host. The exploit has been made available to the public and...

CVE-2025-10994

A weakness has been identified in Open Babel up to 3.1.1. This affects the function GAMESSOutputFormat::ReadMolecule of the file gamessformat.cpp. This manipulation causes use after free. It is possible to launch the attack on the local host. The exploit has been made available to the public and...

openbabel 资源管理错误漏洞

openbabel is a chemistry toolkit software from Open Babel open source. A resource management error vulnerability exists in openbabel 3.1.1 and earlier versions, which stems from a post-release reuse issue in the GAMESSOutputFormat::ReadMolecule function in the file gamessformat.cpp, which could...

CVE-2024-45812

A DOM clobbering vulnerability was found in ViteJS. This may lead to cross-site scripting XSS attacks on websites that include Vite-bundled files configured with an output format of cjs, iife, or umd, and allow users to inject certain scriptless HTML tags without properly sanitizing the name or i...

CVE-2024-45812

Vite a frontend build tooling framework for javascript. Affected versions of vite were discovered to contain a DOM Clobbering vulnerability when building scripts to cjs/iife/umd output format. The DOM Clobbering gadget in the module can lead to cross-site scripting XSS in web pages where scriptle...

CVE-2024-23642 GeoServer Stored Cross-Site Scripting (XSS) vulnerability in Simple SVG Renderer

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A stored cross-site scripting XSS vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with workspace-level privileges to store a...

SUSE-SU-2023:1949-1 Security update for openstack-cinder, openstack-nova, python-oslo.utils

This update for openstack-cinder, openstack-nova, python-oslo.utils contains the following fixes: Security fixes included on this update: openstack-cinder, openstack-nova: - CVE-2022-47951: Fixed file access control through custom VMDK flat descriptor. bsc1207321 Non-security changes included on...

APKHunt - Comprehensive Static Code Analysis Tool For Android Apps That Is Based On The OWASP MASVS Framework

APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their cod...

Naabu - A Fast Port Scanner Written In Go With A Focus On Reliability And Simplicity

Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply. Features Fast And Simple SYN/CONNECT probe...

Vulnerability fixed in ClamAV

A vulnerability has been fixed in ClamAV. A malicious party could potentially exploit the vulnerability to cause a denial-of-service cause by having a rogue file opened by the parser in the application. The clamscan --gen-json function must be enabled. -= ClamAV =- Cisco has released updates to f...

XC - A Small Reverse Shell For Linux And Windows

Netcat like reverse shell for Linux & Windows. Features Windows Usage: └ Shared Commands: !exit !upload uploads a file to the target !download downloads a file from the target !lfwd local portforwarding like ssh -L !rfwd remote portforwarding like ssh -R !lsfwd lists active forwards !rmfwd remove...

rsyslog bug fix and enhancement update

The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Bug Fixes and Enhancements: rsyslog fails to execute actions due to having a too lar...

rsyslog bug fix and enhancement update

An update is available for rsyslog. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It...

Unbreakable Enterprise kernel security update

4.14.35-2047.501.2 - scsi: iscsi: Verify lengths on passthrough PDUs Chris Leech Orabug: 32634994 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi: Ensure sysfs attributes are limited to PAGESIZE Chris Leech Orabug: 32634994 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi:...

Cloudlist - A Tool For Listing Assets From Multiple Cloud Providers

Cloudlist is a multi-cloud tool for getting Assets Hostnames, IP Addresses from Cloud Providers. This is intended to be used by the blue team to augment Attack Surface Management efforts by maintaining a centralized list of assets across multiple clouds with very little configuration efforts...