4122 matches found
Exploit for Improper Input Validation in Paloaltonetworks Pan-Os
CVE-2024-3400 PoC for educational purposes only. only use on...
RHEL 7 : evince (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - evince: Command injection when exporting to PDF CVE-2017-1000159 Note that Nessus has not tested for this issue but...
RHEL 7 : plexus-utils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - plexus-utils: Mishandled strings in Commandline class allow for command injection CVE-2017-1000487 Note that Nessus...
RHEL 7 : freeipa (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - freeipa: specially crafted HTTP requests potentially lead to denial of service CVE-2024-1481 Note that Nessus has n...
RHEL 5 : patch (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - patch: OS shell command injection when processing crafted patch files CVE-2019-13638 - An issue was...
RHEL 8 : nodejs-postcss (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-postcss: Regular expression denial of service during source map parsing CVE-2021-23368 Note that Nessus has...
Rocky Linux 9 : nodejs:18 (RLSA-2024:2779)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2779 advisory. - A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch function ...
LiteSpeed Cache Plugin XSS Vulnerability Affects 1.8M WordPress Sites
By Deeba Ahmed Is your WordPress site using LiteSpeed Cache? A recent surge in malicious JavaScript injections targets vulnerable versions. Learn how to identify the signs of infection and prevent future attacks. Patch, scan, and secure your WordPress site today! This is a post from HackRead.com...
Google Announces Passkeys Adopted by Over 400 Million Accounts
Google on Thursday announced that passkeys are being used by over 400 million Google accounts, authenticating users more than 1 billion times over the past two years. "Passkeys are easy to use and phishing resistant, only relying on a fingerprint, face scan or a pin making them 50% faster than...
CVE-2024-27060 thunderbolt: Fix NULL pointer dereference in tb_port_update_credits()
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix NULL pointer dereference in tb_port_update_credits() Olliver reported that his system crashes when plugging in Thunderbolt 1 device: BUG: kernel NULL pointer dereference, address: 0000000000000020 PF: supervisor read...
CVE-2024-26930
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function qla2x00_mem_free(ha). Assign NULL...
CVE-2024-26930
CVE-2024-26930 : In the Linux kernel, the SCSI/QLA2xxx double-free vulnerability occurs when ha->vp_map is freed twice (in qla2x00_mem_alloc and again in qla2x00_mem_free). The root cause is a use-after-free-like double free of ha->vp_map; the fix assigns NULL to vp_map and lets kfree handl...
CVE-2024-26930 scsi: qla2xxx: Fix double free of the ha->vp_map pointer
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function qla2x00_mem_free(ha). Assign NULL...
RHEL 8 : Satellite 6.13 Release (Important) (RHSA-2023:2097)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2097 advisory. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring...
RHEL 7 : openvswitch (RHSA-2019:0081)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0081 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...
HackerInfo - Information Web Application Security
Information Web Application Security. Install: sudo apt install python3 python3-pip; pip3 install termcolor; pip3 install google; pip3 install optioncomplete; pip3 install bs4; pip3 install prettytable...
SUSE CVE-2024-26899
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bd_link_disk_holder and partition scan 'open_mutex' of gendisk is used to protect open/close block devices. But in bd_link_disk_holder(), it is used to protect the creation of symlink between holding disk and...