BIT-AUTHENTIK-2025-52553 authentik has Insufficient Session verification for Remote Access Control endpoint access

authentik is an open-source identity provider. After authorizing access to a RAC endpoint, authentik creates a token which is used for a single connection and is sent to the client in the URL. This token is intended to only be valid for the session of the user who authorized the connection, howev...

EUVD-2021-21470

Malware in sbrugna...

CVE-2021-34823

The ON24 ScreenShare aka DesktopScreenShare.app plugin before 2.0 for macOS allows remote file access via its built-in HTTP server. This allows unauthenticated remote users to retrieve files accessible to the logged-on macOS user. When a remote user sends a crafted HTTP request to the server, it...

MAL-2023-1173 Malicious code in ent-screenshare-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 94755502800ea05db666be828c8c519ddcf3af8673105b958701a6b3b231197c The OpenSSF Package Analysis project identified 'ent-screenshare-wrapper' @ 3.4.8 npm as malicious. It is considered malicious because: - The...

Malicious code in ent-screenshare-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 94755502800ea05db666be828c8c519ddcf3af8673105b958701a6b3b231197c The OpenSSF Package Analysis project identified 'ent-screenshare-wrapper' @ 3.4.8 npm as malicious. It is considered malicious because: - The...

Malicious code in ent-screenshare (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0a4499b3c09730a1381f5aa04687c68b2a4dc60bebf5365636b6da937632d842 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-2749 Malicious code in ent-screenshare (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0a4499b3c09730a1381f5aa04687c68b2a4dc60bebf5365636b6da937632d842 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2021-34823

The ON24 ScreenShare aka DesktopScreenShare.app plugin before 2.0 for macOS allows remote file access via its built-in HTTP server. This allows unauthenticated remote users to retrieve files accessible to the logged-on macOS user. When a remote user sends a crafted HTTP request to the server, it...

Path traversal

The ON24 ScreenShare aka DesktopScreenShare.app plugin before 2.0 for macOS allows remote file access via its built-in HTTP server. This allows unauthenticated remote users to retrieve files accessible to the logged-on macOS user. When a remote user sends a crafted HTTP request to the server, it...

CVE-2021-34823

CVE-2021-34823 affects the ON24 ScreenShare (DesktopScreenShare.app) plugin for macOS prior to version 2.0. An unauthenticated remote user can access files via the plugin’s built-in HTTP server. The vulnerability triggers a code path that downloads a configuration file from a remote machine over ...

CVE-2021-34823

The ON24 ScreenShare aka DesktopScreenShare.app plugin before 2.0 for macOS allows remote file access via its built-in HTTP server. This allows unauthenticated remote users to retrieve files accessible to the logged-on macOS user. When a remote user sends a crafted HTTP request to the server, it...

ON24 ScreenShare 代码问题漏洞

ON24 ScreenShare is a plugin for screen sharing from ON24 USA. A security vulnerability exists in versions of the ON24 ScreenShare aka DesktopScreenShare.app plugin prior to version 2.0 for macOS, which allows an attacker to conduct remote file access via its built-in HTTP server...

PwnLnX - An Advanced Multi-Threaded, Multi-Client Python Reverse Shell For Hacking Linux Systems

An advanced multi-threaded , multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out with the development. Disclaimer : This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a comput...

Multi Manage the screen of the target meterpreter session

This module allows you to view and control the screen of the target computer via a local browser window. The module continually screenshots the target screen and also relays all mouse and keyboard events to session. This module requires Metasploit: https://metasploit.com/download Current source:...

ScreenShare (tablet) - Customized SSL, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application ScreenShare tablet published at the 'play' market has multiple vulnerabilities...

ScreenShare (phone) - Customized SSL, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application ScreenShare phone published at the 'play' market has multiple vulnerabilities...