Lucene search
K

377 matches found

RedHat Linux
RedHat Linux
added 2025/02/04 12:31 a.m.5 views

glib: buffer overflow in set_connect_msg()

A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4CONNMSGLEN. This issue may lead to an application crash or other undefined behavior...

9.8CVSS7.3AI score0.01263EPSS
Exploits1References7
The Hacker News
The Hacker News
added 2025/01/21 12:46 p.m.32 views

13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks

A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "takes advantage of misconfigured DNS records to pass email protection techniques,"...

9.1CVSS8AI score0.01313EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.10 views

PT-2025-54486

Name of the Vulnerable Software and Affected Versions libcurl versions prior to 7.87.0-150400.7.26.1 openSUSE Leap 15.6 affected versions not specified SUSE Linux Enterprise Server 15 SP4 affected versions not specified Description The issue relates to libcurl's handling of TLS options during...

6.3CVSS7.3AI score0.00611EPSS
Exploits1References93
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/12/23 6:31 a.m.12 views

Heels on fire. Hacking smart ski socks

TL;DR A silly-season BLE connectivity story Overheat people’s smart ski socks …but only when in Bluetooth range AND when the owner's phone is out of range of their feet! Having experienced painfully cold feet several times over the years while skiing, including once at minus 42°C in the Canadian...

7.5AI score
Exploits0
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.5 views

Inferno Nettverk Dante 安全漏洞

Inferno Nettverk Dante is a free SOCKS server from Inferno Nettverk. A security vulnerability exists in Inferno Nettverk Dante versions 1.4.0 through 1.4.3 that stems from incorrect access control for some configurations...

9.1CVSS6.5AI score0.00512EPSS
Exploits0References3
OSV
OSV
added 2024/12/02 5:45 p.m.19 views

MGASA-2024-0386 Updated glib2.0 packages fix security vulnerability

Buffer overflow in socks proxy code in glib 2.82.1. CVE-2024-52533...

9.8CVSS8.6AI score0.01263EPSS
Exploits1References3
Mageia
Mageia
added 2024/12/02 5:45 p.m.22 views

Updated glib2.0 packages fix security vulnerability

Buffer overflow in socks proxy code in glib 2.82.1. CVE-2024-52533...

9.8CVSS7.3AI score0.01263EPSS
Exploits1References2
OSV
OSV
added 2024/11/25 5:20 p.m.7 views

CLSA-2024-1732555216 Fix CVE(s): CVE-2024-52533

SECURITY UPDATE: Buffer overflow due to off-by-one error in gsocks4aproxy.c - debian/patches/CVE-2024-52533.patch: Fix single byte buffer overflow in connect messages due to incorrect calculation in SOCKS4CONNMSGLEN - CVE-2024-52533...

9.8CVSS7.3AI score0.01263EPSS
Exploits1References1
OSV
OSV
added 2024/11/22 2:22 p.m.6 views

OESA-2024-2437 glib2 security update

GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: gio/gsocks4aproxy.c in GNOME GLib before...

9.8CVSS7.6AI score0.01263EPSS
Exploits1References2
OSV
OSV
added 2024/11/22 2:22 p.m.3 views

OESA-2024-2435 glib2 security update

GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: gio/gsocks4aproxy.c in GNOME GLib before...

9.8CVSS7.6AI score0.01263EPSS
Exploits1References2
OSV
OSV
added 2024/11/15 12:19 p.m.3 views

OESA-2024-2381 glib2 security update

GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: gio/gsocks4aproxy.c in GNOME GLib before...

9.8CVSS7.6AI score0.01263EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2024/11/13 3:49 a.m.3 views

SUSE CVE-2024-52533

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0' character...

7.1CVSS8AI score0.01263EPSS
Exploits1References14
OSV
OSV
added 2024/11/11 11:15 p.m.1 views

DEBIAN-CVE-2024-52533

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0' character...

9.8CVSS7.7AI score0.01263EPSS
Exploits1References1
AlmaLinux
AlmaLinux
added 2024/11/05 12:0 a.m.19 views

Moderate: python3.12-urllib3 security update

urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings many critical features that are missing from the Python standard libraries: • Thread safety. • Connection pooling. • Client-side SSL/TLS verification. • File uploads with multipart encoding. • Helpers for retrying request...

6.5CVSS5.2AI score0.01141EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/05/11 12:0 a.m.16 views

openSUSE Security Advisory (openSUSE-SU-2024:0119-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.63076EPSS
Exploits3References6
OSV
OSV
added 2024/05/10 12:42 p.m.6 views

OPENSUSE-SU-2024:0119-1 Security update for tinyproxy

This update for tinyproxy fixes the following issues: - Update to release 1.11.2 Fix potential use-after-free in header handling CVE-2023-49606, boo1223746 Prevent junk from showing up in error page in invalid requests CVE-2022-40468, CVE-2023-40533, boo1223743 - Move tinyproxy program to /usr/bi...

9.8CVSS7.2AI score0.63076EPSS
Exploits3References10
Kitploit
Kitploit
added 2024/05/08 3:30 a.m.45 views

NTLM Relay Gat - Powerful Tool Designed To Automate The Exploitation Of NTLM Relays

NTLM Relay Gat is a powerful tool designed to automate the exploitation of NTLM relays using ntlmrelayx.py from the Impacket tool suite. By leveraging the capabilities of ntlmrelayx.py, NTLM Relay Gat streamlines the process of exploiting NTLM relay vulnerabilities, offering a range of...

8.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/03 12:0 a.m.2 views

PT-2024-14675 · Linux +8 · Linux Kernel +8

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A deadlock situation in the Linux kernel has been resolved by changing j1939 socks lock to an rwlock. The deadlock occurred due to a circular lock dependency between j1939 socks lock,...

9.8CVSS6.6AI score0.78388EPSS
Exploits6References983
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/03/06 6:12 a.m.51 views

Living off the land with native SSH and split tunnelling

TL;DR Attackers can use Microsoft native SSH client to forward out internal network traffic Windows native SSH is common The attack only needs minimal set-up and commands Quicker and more cost effective for an attacker than using C2 infrastructure Reduces likelihood of Blue team detection...

7.6AI score
Exploits0
NVD
NVD
added 2024/02/27 4:15 p.m.11 views

CVE-2024-25398

In Srelay the SOCKS proxy and Relay v.0.4.8p3, a specially crafted network payload can trigger a denial of service condition and disrupt the service...

7.5CVSS6.5AI score0.00746EPSS
Exploits1References2
Rows per page
Query Builder