CVE-2024-46783 tcp_bpf: fix return value of tcp_bpf_sendmsg()

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last message triggers the flushing will result in sending a skmsg larger than the current message size. In this case, in tcpbpfsendverdict, 'copie...

FreeBSD : Gitlab -- vulnerabilities (bcc8b21e-7122-11ef-bece-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the bcc8b21e-7122-11ef-bece-2cf05da270f3 advisory. Gitlab reports: Execute environment stop actions as the owner of the stop action job Prevent...

CGA-9Q2R-X7FF-9P2C

Bulletin has no description...

BP Monitoring Management System 1.0 PHP Code Injection

============================================================================================================================================= | Title : BP Monitoring Management System 1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

CGA-CVRR-7VPX-VR2Q

Bulletin has no description...

The Role of VPNs in Protecting Online Privacy

If you use the Internet, online privacy should be a growing concern as individuals share more personal information…...

Exploit for Use After Free in Debian Debian_Linux

CVE-2024-26581 Vulnerability Checker for BGN Internal Re...

CVE-2023-30587 vulnerabilities

Vulnerabilities for packages: nodejs...

XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`

XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external...

Cybersecurity Tips For Businesses Using Remote Workers

Remote work offers benefits like reduced costs and wider recruitment but also increases cybersecurity risks. To protect your…...

MAL-2024-8487 Malicious code in @diotoborg/occaecati-fugit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 259ab17bc731292dc9d36fac22a2e52418e13c2f5f0d5938096924a322c66654 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Apache HTTPD Mod_negotiation Filename Bruter

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework modnegotiation bruter http://httpd.apache.org/docs/1.3/content-negotiation.html class MetasploitModule 'Apache HTTPD modnegotiation Filename Bruter', 'Description' = %q...

ES File Explorer Open Port

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ES File Explorer Open Port', 'Description' = %q This module connects to ES File Explorer's HTTP server to run certain commands. The HTTP server i...

FTP Bounce Port Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FTP Bounce Port Scanner', 'Description' = %q Enumerate TCP services via the FTP bounce PORT/LIST method. , 'Author' = 'kris katterjohn', 'License...

Chromecast Wifi Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chromecast Wifi Enumeration', 'Description' = %q This module enumerates wireless access points through Chromecast. , 'Author' = 'wvu', 'Reference...

Cambium EPMP 1000 Login Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium ePMP 1000 Login Scanner', 'Description' = % This module scans for Cambium ePMP 1000 management login portals, and attempts to identify...

Canon IR-Adv Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Canon IR-Adv Password Extractor', 'Description' = %q This module will extract the passwords from address books on various Canon IR-Adv mfp device...

Oracle DB SQL Injection Via SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCPUBLISH.ALTERAUTOLOGCHANGESOURCE', 'Description' = %q The module exploits an sql injection flaw in the...

Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

Summary The Federal Bureau of Investigation FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Department of Defense Cyber Crime Center DC3 are releasing this joint Cybersecurity Advisory CSA to warn network defenders that, as of August 2024, a group of Iran-based cyber actors...

CVE-2024-43898

...