
7076 matches found

Kitploit
added 2024/06/03 12:30 p.m. | 30 views

Startup-SBOM - A Tool To Reverse Engineer And Inspect The RPM And APT Databases To List All The Packages Along With Executables, Service And Versions

This is a simple SBOM utility which aims to provide an insider view on which packages are getting executed. The process and objective are simple: we can get a clear perspective view on the packages installed by APT (currently working on implementing this for RPM and other package managers). This is...

AI score: 7.2
Exploits: 0 | References: 2
BDU FSTEC
added 2024/06/03 12:0 a.m. | 3 views

The vulnerability of Ollama’s system for running and managing large language models (LLMs) lies in its reliance on reverse DNS resolution for IP addresses. This allows attackers to perform DNS Rebinding attacks or cause service failures.

The vulnerability of Ollama’s system for running and managing large language models is related to the use of reverse DNS resolution for IP addresses. Exploiting this vulnerability could allow a remote attacker to perform a DNS Rebinding attack or cause a service failure...

CVSS: 10 | AI score: 6.6 | EPSS: 0.00334
Exploits: 0 | References: 4 | Affected Software: 1
Fedora
added 2024/06/02 3:39 a.m. | 8 views

[SECURITY] Fedora 39 Update: rust-rustcat-1.3.0-11.fc39

Rustcat - The Modern Port Listener & Reverse Shell...

AI score: 7.3
Exploits: 0
Metasploit
added 2024/05/31 7:54 p.m. | 357 views

OSX aarch64 Shell Reverse TCP

Connect back to attacker and spawn a command shell Module Options msf use payload/osx/aarch64/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show options ...show and set options... msf payloadshellreversetcp r...

AI score: 7.1
Exploits: 0
Github Security Blog
added 2024/05/30 12:34 a.m. | 10 views

Symfony2 security issue when the trust proxy mode is enabled

An application is vulnerable if it uses the client IP address as returned by the Request::getClientIp method for sensitive decisions like IP based access control. To fix this security issue, the following changes have been made to all versions of Symfony2: A new Request::setTrustedProxies method...

AI score: 7.1
Exploits: 0 | References: 7 | Affected Software: 2
Talos
added 2024/05/28 12:0 a.m. | 39 views

AutomationDirect P3-550E Programming Software Connection FiBurn heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1936 AutomationDirect P3-550E Programming Software Connection FiBurn heap-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24851 SUMMARY A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn...

CVSS: 7.5 | AI score: 8 | EPSS: 0.01423
Exploits: 1
GithubExploit
added 2024/05/27 3:10 p.m. | 1193 views

Exploit for OS Command Injection in Dolibarr Dolibarr_Erp/Crm

POC exploit for Dolibarr example: python3 exploit.py http...

CVSS: 8.8 | AI score: 8.9 | EPSS: 0.79335
Exploits: 16
GithubExploit
added 2024/05/27 3:10 p.m. | 518 views

Exploit for OS Command Injection in Dolibarr Dolibarr_Erp/Crm

POC exploit for Dolibarr example: python3 exploit.py http...

CVSS: 8.8 | AI score: 8.9 | EPSS: 0.79335
Exploits: 16
OSV
added 2024/05/27 1:15 p.m. | 3 views

CVE-2024-5407

A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.00604
Exploits: 0 | References: 2
NVD
added 2024/05/27 1:15 p.m. | 24 views

CVE-2024-5407

A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...

CVSS: 10 | AI score: 9.7 | EPSS: 0.00604
Exploits: 0 | References: 2
Vulnrichment
added 2024/05/27 12:13 p.m. | 13 views

CVE-2024-5407 Code Injection vulnerability in RhinOS from SaltOS

A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...

CVSS: 10 | AI score: 7.4 | EPSS: 0.00604
Exploits: 0 | References: 2
Cvelist
added 2024/05/27 12:13 p.m. | 45 views

CVE-2024-5407 Code Injection vulnerability in RhinOS from SaltOS

A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...

CVSS: 10 | AI score: 9.7 | EPSS: 0.00604
Exploits: 0 | References: 2
CVE
added 2024/05/27 12:13 p.m. | 87 views

CVE-2024-5407

CVE-2024-5407 affects RhinOS 3.0-1190. A PHP code injection via the search parameter in /portal/search.htm is described, enabling a remote attacker to run a reverse shell and thereby compromise the entire infrastructure. Concrete details from connected sources specify the vulnerable component (Rh...

CVSS: 10 | AI score: 9.7 | EPSS: 0.00604
Exploits: 0 | References: 2 | Affected Software: 1
Veracode
added 2024/05/27 5:17 a.m. | 15 views

HTTP Header Spoofing

silverstripe/framework is vulnerable to HTTP header spoofing. The vulnerability is due to trusting all originating IPs to include HTTP headers for Hostname, IP, and Protocol, which results in reverse proxies forwarding requests while retaining the original request information...

AI score: 7
Exploits: 0
CNNVD
added 2024/05/27 12:0 a.m. | 4 views

RhinOS Code Injection Vulnerability

RhinOS is a web development framework. A code injection vulnerability exists in RhinOS version 3.0-1190, which stems from the ease of injecting PHP code via the search parameter in /portal/search.htm, which could lead to an attacker executing a reverse shell and compromising the entire...

CVSS: 10 | AI score: 7.4 | EPSS: 0.00604
Exploits: 0 | References: 3
OpenVAS
added 2024/05/27 12:0 a.m. | 3 views

Fedora: Security Advisory for rust-rustcat (FEDORA-2024-ce2936b568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score: 7.5
Exploits: 0 | References: 2
OpenVAS
added 2024/05/27 12:0 a.m. | 8 views

Fedora: Security Advisory for rust-uu_tac (FEDORA-2024-ce2936b568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score: 7.5
Exploits: 0 | References: 2
GithubExploit
added 2024/05/26 3:43 p.m. | 437 views

Exploit for OS Command Injection in Dolibarr Dolibarr_Erp/Crm

CVE-2023-30253 Description Dolibarr before 17.0.1 al...

CVSS: 8.8 | AI score: 9 | EPSS: 0.79335
Exploits: 16
Fedora
added 2024/05/26 1:29 a.m. | 12 views

[SECURITY] Fedora 40 Update: rust-uu_tac-0.0.23-3.fc40

tac uutils concatenate and display input lines in reverse order...

AI score: 7.3
Exploits: 0
Fedora
added 2024/05/26 1:29 a.m. | 12 views

[SECURITY] Fedora 40 Update: rust-rustcat-1.3.0-11.fc40

Rustcat - The Modern Port Listener & Reverse Shell...

AI score: 7.3
Exploits: 0