156 matches found
[SECURITY] Fedora 43 Update: roundcubemail-1.6.13-1.fc43
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
XSS-cheat-sheet-txt-dictionary-by-PortSwigger
XSS cheat sheet dictionary by PortSwigger PortSwigger diction...
EUVD-2011-2801
Malware in sbrugna...
EUVD-2022-51428
Malicious code in bioql PyPI...
CVE-2022-4051
A vulnerability has been found in Hostel Searching Project and classified as critical. This vulnerability affects unknown code of the file view-property.php. The manipulation of the argument propertyid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...
CVE-2010-4759
Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly restrict the ticket ages that are within the scope of a search, which allows remote authenticated users to cause a denial of service (daemon hang) via a fulltext search...
[SECURITY] Fedora 39 Update: roundcubemail-1.6.7-1.fc39
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 40 Update: roundcubemail-1.6.7-1.fc40
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
CVE-2024-22719
SQL Injection vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary SQL commands via the 'keyword' when searching for a client...
KnowsMore - A Swiss Army Knife Tool For Pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS And DCSync)
KnowsMore officially supports Python 3.8+. Main features Import NTLM Hashes from .ntds output txt file generated by CrackMapExec or secretsdump.py Import NTLM Hashes from NTDS.dit and SYSTEM Import Cracked NTLM hashes from hashcat output file Import BloodHound ZIP or JSON file BloodHound importer...
[SECURITY] Fedora 38 Update: roundcubemail-1.6.5-1.fc38
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
Metasploit Weekly Wrap-Up
That Privilege Escalation Escalated Quickly This release features a module leveraging CVE-2023-22515, a vulnerability in Atlassian’s on-premises Confluence Server first listed as a privilege escalation, but quickly recategorized as a “broken access control” with a CVSS score of 10. The exploit...
IBM Content Navigator Cross-Site Scripting Vulnerability (CNVD-2023-98176)
IBM Content Navigator is a Web client from International Business Machines (IBM). The product supports searching and processing documents stored in content servers from a Web browser. IBM Content Navigator suffers from a cross-site scripting vulnerability that stems from the application's lack of...
Threat Roundup for September 22 to September 29
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 22 and Sept. 29. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
[SECURITY] Fedora 37 Update: roundcubemail-1.6.3-1.fc37
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
Sensitive Data Exposure
Ransack is vulnerable to Sensitive Data Exposure Vulnerability. The vulnerability is due to allowing the default behavior of unsafe searching and querying on all class attributes and associations leading to sensitive attributes exposure of classes used in application. This can lead to fully...
Generative AI Assistant Makes Hunting Threats Faster
Learn how analysts can search for threats with greater accuracy, speed, and effectiveness...
Threat Roundup for June 9 to June 16
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 9 and June 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Roundup for April 14 to April 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 14 and April 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
[SECURITY] Fedora 38 Update: bzip3-1.3.0-1.fc38
These are tools for compressing, decompressing, printing, and searching bzip3 files. bzip3 features higher compression ratios and better performance than bzip2 thanks to an order-0 context mixing entropy coder, a fast Burrows-Wheeler transform code making use of suffix arrays and a run-length...