Lucene search
107 matches found

EUVD
added 2025/10/03 8:7 p.m., 0 views

EUVD-2023-12212

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.9 | EPSS 0.00168
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2023-54346

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.2 | EPSS 0.00129
Exploits: 1 | References: 1

Fedora
added 2025/05/21 2:18 a.m., 11 views

[SECURITY] Fedora 42 Update: openssh-9.9p1-11.fc42

SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CVSS 4.3 | AI score 7.4 | EPSS 0.00226
Exploits: 0

Fedora
added 2025/02/24 1:25 a.m., 9 views

[SECURITY] Fedora 40 Update: openssh-9.6p1-2.fc40

SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CVSS 6.8 | AI score 7.6 | EPSS 0.64523
Exploits: 5

Tenable Nessus
added 2024/09/10 12:0 a.m., 21 views

NewStart CGSL MAIN 6.02 : dhcp Multiple Vulnerabilities (NS-SA-2024-0061)

The remote NewStart CGSL host, running version MAIN 6.02, has dhcp packages installed that are affected by multiple vulnerabilities: - An integer overflow vulnerability was found in the DHCP server. When the option_code_hash_lookup function is called from add_option, it increases the option's refcoun...

CVSS 6.5 | AI score 7.1 | EPSS 0.00083
Exploits: 0 | References: 5

Packet Storm
added 2024/08/31 12:0 a.m., 186 views

MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure", 'Description' = %q This module will use the Microsoft XMLDOM object to enumerat...

CVSS 6.5 | AI score 7 | EPSS 0.81812
Exploits: 3

Packet Storm
added 2024/08/31 12:0 a.m., 182 views

HP Operations Manager Perfd Environment Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Operations Manager Perfd Environment Scanner', 'Description' = %q This module will enumerate the process list of a remote machine by abusing H...

AI score 7.4
Exploits: 0

GithubExploit
added 2024/07/18 6:18 a.m., 342 views

Exploit for Code Injection in Vmware Cloud_Foundation

CVE-2024-22274 Exploit This repository contains an exploit fo...

CVSS 7.2 | AI score 7.4 | EPSS 0.63465
Exploits: 3

NVD
added 2023/10/04 1:15 p.m., 12 views

CVE-2023-4494

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine...

CVSS 9.8 | AI score 9.8 | EPSS 0.00127
Exploits: 1 | References: 1

NVD
added 2023/10/04 1:15 p.m., 9 views

CVE-2023-4491

Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp, asking for the name via a POST request, resulting in arbitrary code execution on the remote machine...

CVSS 9.8 | AI score 9.8 | EPSS 0.00129
Exploits: 1 | References: 1

Prion
added 2023/10/04 1:15 p.m., 14 views

Buffer overflow

Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp, asking for the name via a POST request, resulting in arbitrary code execution on the remote machine...

CVSS 7.5 | AI score 9.6 | EPSS 0.00129
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2023/10/04 12:27 p.m., 21 views

CVE-2023-4494 Easy Chat Server Stack-based buffer overflow vulnerability

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine...

CVSS 9.8 | AI score 9.9 | EPSS 0.00127
Exploits: 1 | References: 1

Vulnrichment
added 2023/10/04 12:27 p.m., 12 views

CVE-2023-4494 Easy Chat Server Stack-based buffer overflow vulnerability

Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine...

CVSS 9.8 | AI score 8.1 | EPSS 0.00127
Exploits: 1 | References: 1

Cvelist
added 2023/10/04 12:17 p.m., 11 views

CVE-2023-4491 Easy Address Book Web Server Buffer overflow vulnerability

Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp, asking for the name via a POST request, resulting in arbitrary code execution on the remote machine...

CVSS 9.8 | AI score 9.8 | EPSS 0.00129
Exploits: 1 | References: 1

CVE
added 2023/10/04 12:17 p.m., 68 views

CVE-2023-4491

CVE-2023-4491 affects Easy Address Book Web Server 1.6. It is a remote buffer overflow in the /searchbook.ghp API endpoint triggered by sending an overly long username string via POST, leading to arbitrary code execution on the remote host. The CVE is rated 9.8/CRITICAL (CVSS 3.1) with Network at...

CVSS 9.8 | AI score 9.8 | EPSS 0.00129
Exploits: 1 | References: 1 | Affected Software: 1

OSSF Malicious Packages
added 2023/09/26 4:39 a.m., 2 views

Malicious code in ktarco1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e3f2253e55d0e67c351fbfa882017f51f5575f1488573afd9ee2b83e277be23 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 | References: 1

Prion
added 2023/01/17 9:15 p.m., 14 views

Null pointer dereference

A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4...

CVSS 5 | AI score 7.1 | EPSS 0.00168
Exploits: 0 | References: 3 | Affected Software: 1

UbuntuCve
added 2023/01/17 9:15 p.m., 38 views

CVE-2023-0122

A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4...

CVSS 7.5 | AI score 6.8 | EPSS 0.00168
Exploits: 0 | References: 3

CVE
added 2022/12/09 5:50 p.m., 114 views

CVE-2022-23482

CVE-2022-23482 affects the xrdp server: prior to version 0.9.21, it contains an out-of-bounds read in the function xrdp_sec_process_mcs_data_CS_CORE(). Upgrading is recommended to mitigate the vulnerability; multiple advisories note fixes in 0.9.21 (and later) across Debian, Alpine, and other dis...

CVSS 9.1 | AI score 6.2 | EPSS 0.00187
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2022/09/12 9:15 p.m., 0 views

CVE-2021-44426

An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.5. An upload of an arbitrary file to a victim's local /Downloads/ directory is possible if the victim is using the AnyDesk Windows client to connect to a remote machine, if an attacker is also connected remotely with AnyDesk to...

CVSS 8.8 | AI score 5.9
Exploits: 0 | References: 2