2265 matches found
CVE-2024-36054
Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily read kernel memory and consequently gain all privileges via IOCTL 0x9c4064b8 via MmMapIoSpace and IOCTL 0x9c406490 via ZwMapViewOfSection...
CVE-2024-36054
Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily read kernel memory and consequently gain all privileges via IOCTL 0x9c4064b8 via MmMapIoSpace and IOCTL 0x9c406490 via ZwMapViewOfSection...
CVE-2021-47360
In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BCFREEBUFFER processing, the BINDERTYPEFDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to...
CVE-2021-47360
In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BCFREEBUFFER processing, the BINDERTYPEFDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to...
CVE-2021-47360 binder: make sure fd closes complete
In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BCFREEBUFFER processing, the BINDERTYPEFDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to...
CVE-2021-47360 binder: make sure fd closes complete
In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BCFREEBUFFER processing, the BINDERTYPEFDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to...
DEBIAN-CVE-2024-35871
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...
Linux-Smart-Enumeration - Linux Enumeration Tool For Pentesting And CTFs With Verbosity Levels
First, a couple of useful oneliners ; wget "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -O lse.sh;chmod 700 lse.sh curl "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -Lo lse.sh;chmod 700 lse.sh Note that...
ShellSweep - PowerShell/Python/Lua Tool Designed To Detect Potential Webshell Files In A Specified Directory
ShellSweep ShellSweeping the evil Why ShellSweep "ShellSweep" is a PowerShell/Python/Lua tool designed to detect potential webshell files in a specified directory. ShellSheep and it's suite of tools calculate the entropy of file contents to estimate the likelihood of a file being a webshell. High...
CVE-2024-1067
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the...
UBUNTU-CVE-2024-26986
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in createprocess failure Fix memory leak due to a leaked mmget reference on an error handling code path that is triggered when attempting to create KFD processes while a GPU reset is in progress...
Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity
CVE-2023-42793 - TeamCity Admin Account Creation lead to RCE...
Exploit for Path Traversal in Jetbrains Teamcity
RCity - CVE-2024-27198 RCE & Admin Account Creation & CVE-20...
Cookie-Monster - BOF To Steal Browser Cookies & Credentials
Steal browser cookies for edge, chrome and firefox through a BOF or exe! Cookie-Monster will extract the WebKit master key, locate a browser process with a handle to the Cookies and Login Data files, copy the handles and then filelessly download the target. Once the Cookies/Login Data files are...
Real-time File Access Monitoring (FAM) with Qualys FIM
What is File Access Monitoring FAM? FAM is a security practice that involves tracking and logging access to sensitive files. FAM should be included with any File Integrity Monitoring FIM solution to trigger alerts when critical host files not intended for regular use are accessed. Importance of F...
CVE-2024-30721
CVE-2024-30721 is rejected; this candidate withdrawn and not an active vulnerability entry.
CVE-2024-30703
CVE-2024-30703 entry is rejected and not used; no vulnerability exists.
CVE-2024-30688
CVE-2024-30688 is rejected/not used and does not represent an active vulnerability entry.
R2Frida - Radare2 And Frida Better Together
This is a self-contained plugin for radare2 that allows to instrument remote processes using frida. The radare project brings a complete toolchain for reverse engineering, providing well maintained functionalities and extend its features with other programming languages and tools. Frida is a...
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called Spark RAT. The attacks entail the exploitation of CVE-2024-27198 CVSS score...