open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

RHEL 8 : open-vm-tools (RHSA-2023:7262)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7262 advisory. The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualizati...

CVE-2023-34059

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs...

CVE-2023-34059

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs...

VMware Tools Security Vulnerability

VMware Tools is an enhancement tool that comes with VMware's VMWare virtual machines, and is a driver provided by VMware to enhance the performance of virtual graphics cards and hard disks, as well as to synchronize the clocks of the virtual machine with the host computer. A security vulnerabilit...

CVE-2023-34059

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs...

UBUNTU-CVE-2023-34059

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs...

ConsoleFallbackHandler.sol#simulate transaction cannot simulate transaction properly

Lines of code Vulnerability details Impact ConsoleFallbackHandler.sol does not use static call or delegate call Proof of Concept In the function / @dev Performs a delegetecall on a targetContract in the context of self. Internally reverts execution to avoid side effects making it static. Catches...

DoSinator - A Powerful Denial Of Service (DoS) Testing Tool

DoSinator is a versatile Denial of Service DoS testing tool developed in Python. It empowers security professionals and researchers to simulate various types of DoS attacks, allowing them to assess the resilience of networks, systems, and applications against potential cyber threats. Features...

kernel: ath11k: fix the warning of dev_wake in mhi_pm_disable_transition()

In the Linux kernel, the following vulnerability has been resolved: ath11k: fix the warning of devwake in mhipmdisabletransition When test device recovery with below command, it has warning in message as below. echo assert /sys/kernel/debug/ath11k/wcn6855\ hw2.0/simulatefwcrash echo assert...

depositCollateral allows user's ETH sent along with the tx to be stuck forever

Lines of code Vulnerability details Impact LidoVault and ConvexCurveLPVault both inherit from GeneralVault that implement the method depositCollateral. This method has the keyword payable so it allows users to send ETH with the tx. depositToYieldPool that is called inside depositCollateral in bot...

aquamarine-vm (>=0.1.0 <=0.5.2), ashpaper-plus (>=0.5.0 <=0.5.1) +140 more potentially affected by CVE-2021-32629 via cranelift-codegen (>=0.14.0 <=0.72.0)

cranelift-codegen CARGO version =0.14.0, =0.1.0, =0.5.0, =0.1.0, =0.1.0, =0.2.9, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.26.1, =0.13.2, =0.8.0, =0.14.0, =0.14.0, =0.66.0 and more Source cves: CVE-2021-32629 Source advisory: OSV:GHSA-HPQH-2WQX-7QP5...

monkey

This is a Python script repository for a tool called "Infection Monkey". The tool is designed to simulate a cyber attack on a network by injecting malware into the network and observing the behavior of the malware as it spreads. The script is written in Python and uses the "monkey" framework to...

Improper access control

Huawei Share function in P30 9.1.0.193C00E190R2P1 smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage...

Splunk Attack Range - A Tool That Allows You To Create Vulnerable Instrumented Local Or Cloud Environments To Simulate Attacks Against And Collect The Data Into Splunk

The Attack Range solves two main challenges in development of detections. First, it allows the user to quickly build a small lab infrastructure as close as possible to your production environment. This lab infrastructure contains a Windows Domain Controller, Windows Workstation and Linux server,...

HackBar - HackBar Plugin For Burpsuite

HackBar - HackBar Plugin For Burpsuite V1.0. Requirements Burpsuite Java How to Install Download Jar 'https://github.com/d3vilbug/HackBar/releases/tag/1.0' and add in burpsuite Tested on Burpsuite 1.7.36 Windows 10 xubuntu 18.04 Upcoming Features/Modules Ctrl + H shortcut WAF bypass SQLi...