7073 matches found
MAL-2024-9265 Malicious code in cyberart (PyPI)
The package contains code to download and execute a reverse shell script. --- -= Per source details. Do not edit below this line.=- Source: kam193 a56fce758142261d4c665b192e7f292a8b9c89a750be3271fc2e1c784d886828 When imported, the package downloads and runs a remote stage - a reverse shell. To mas...
Exploit for Code Injection in Geoserver
CVE-2024-36401 vulnerability graphical exploitation t...
A vulnerability in the Containous Traefik reverse proxy server, caused by insufficient verification of data authenticity, allows a hacker to execute arbitrary code.
The vulnerability in the Containous Traefik reverse proxy server is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a remote malicious actor to execute arbitrary code using a specially crafted HTTP request...
Exploit for Cross-site Scripting in Wondercms
CVE-2023-41425 Description A Cross Site Scripting vulnerab...
Exploit for OS Command Injection in Zimbra Collaboration
CVE-2024-45519 SMTP Vulnerability Exploit Script Overview Th...
nginx: Multiple Vulnerabilities
Background nginx is a robust, small, and high performance HTTP and reverse proxy server. Description Multiple vulnerabilities have been discovered in nginx. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831 WinRAR Exploit Generator Created by: tech...
Allow HTTP Strict Transport Security (HSTS) to be configured in Bamboo 10
Issue Summary: This is reproducible on Data Center: / Up until Bamboo 9.6, HTTP Strict Transport Security (https://tools.ietf.org/html/rfc6797) was configurable in Bamboo by following the steps outlined in this KB article: How do I enable HSTS and other HTTP Security Headers in Bamboo Data...
SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
SafeLine is a self-hosted WAF (Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL...
Traccar 5.12 Remote Code Execution
class MetasploitModule 'Traccar v5 Remote Code Execution CVE-2024-31214 and CVE-2024-24809', 'Description' = %q Remote Code Execution in Traccar v5.1 - v5.12. Remote code execution can be obtained by combining two vulnerabilities: A path traversal vulnerability CVE-2024-24809 and an unrestricted...
CVE-2024-47220
A flaw was found in the webrick toolkit. This issue occurs because the server incorrectly handles requests with both Content-Length and Transfer-Encoding headers. This can allow an attacker to sneak in an extra request such as GET /admin after the normal request POST /user. As a result,...
Exploit for Path Traversal in Tuzitio Camaleon_Cms
CVE-2024-46986 Camaleon CMS Exploit - Arbitrary File Upload...
File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
file-unpumper is a powerful command-line utility designed to clean and analyze Portable Executable PE files. It provides a range of features to help developers and security professionals work with PE files more effectively. Features PE Header Fixing : file-unpumper can fix and align the PE header...
CLSA-2024-1726773559 Fix of 5 CVEs
Backport upstream's fixes from OpenJDK 11.0.23 release. - CVE-2024-21011: possible crash on long exception message in Hotspot. - CVE-2024-21012: incorrect performing a reverse DNS query in ConnectionPool class. - CVE-2024-21068: incorrect applying an unsigned integer left shift in Hotspot. -...
SUSE CVE-2024-46778
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value. CalculateSwathAndDETConfiguration_params_st's UnboundedRequestEnabled is a pointer (i.e. dml_bool_t *UnboundedRequestEnabled), and thus if (p->UnboundedRequestEnabled) checks its...
AZL-53262 CVE-2024-46776 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Run DC_LOG_DC after checking link->link_enc. [WHAT] The DC_LOG_DC should be run after link->link_enc is checked, not before. This fixes 1 REVERSE_INULL issue reported by Coverity...
AZL-53247 CVE-2024-46778 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value. CalculateSwathAndDETConfiguration_params_st's UnboundedRequestEnabled is a pointer (i.e. dml_bool_t *UnboundedRequestEnabled), and thus if (p->UnboundedRequestEnabled) checks its...
DEBIAN-CVE-2024-46776
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Run DC_LOG_DC after checking link->link_enc. [WHAT] The DC_LOG_DC should be run after link->link_enc is checked, not before. This fixes 1 REVERSE_INULL issue reported by Coverity...
UBUNTU-CVE-2024-46776
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Run DC_LOG_DC after checking link->link_enc. [WHAT] The DC_LOG_DC should be run after link->link_enc is checked, not before. This fixes 1 REVERSE_INULL issue reported by Coverity...
Exploit for CVE-2024-32651
CVE-2024-32651 changedetection --port --ip --notification...