CVE-2025-31974

HCL BigFix Service Management SM is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system components, potentially increasing the risk of system compromise or unauthorized changes...

CVE-2025-31974 HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only

HCL BigFix Service Management SM is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system components, potentially increasing the risk of system compromise or unauthorized changes...

HP Poly Lens 安全漏洞

HP Poly Lens is a unified collaboration management and device management software from Hewlett-Packard HP. A security vulnerability exists in HP Poly Lens that stems from allowing file system modifications that could result in gaining SYSTEM privileges...

Ubiquiti多款产品 安全漏洞

Ubiquiti UniFi Connect EV Station and others are products of Ubiquiti, Inc.Ubiquiti UniFi Connect EV Station is an electric vehicle station.Ubiquiti UniFi Connect Display is an access control system monitor device. Ubiquiti UniFi Connect Display Cast is a player. A security vulnerability exists i...

CVE-2025-43243

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system...

CVE-2023-38564

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to modify protected parts of the file system...

CVE-2025-31262

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to modify protected parts of the file system...

CVE-2025-24282

A library injection issue in macOS Sequoia was addressed with additional restrictions. The vulnerability could allow an app to modify protected parts of the file system and is fixed in macOS Sequoia 15.4. Affected product: macOS Sequoia; fix version: 15.4. CVE-2025-24282. Exploitation status is n...

CVE-2024-44267

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to modify protected parts of the file system...

About the security content of macOS Ventura 13.7.1

About the security content of macOS Ventura 13.7.1 This document describes the security content of macOS Ventura 13.7.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

Lancefly APT Group Deploys Custom Backdoor ‘Merdoor’ in Targeted Attacks

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Lancefly APT group targets South and Southeast Asia using the Merdoor backdoor and an updated ZXShell rootkit. Their attack chain involves credential theft, lateral movement, file staging, and...

CVE-2023-23538

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system...

CVE-2021-1739

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify...

PoC Exploit Targeting Apache Struts Surfaces on GitHub

Proof-of-concept exploit code surfaced on GitHub on Friday, raising the stakes on two existing Apache Struts 2 bugs that allow for remote code-execution and denial-of-service attacks on vulnerable installations. The Cybersecurity and Infrastructure Security Agency CISA issued an alert regarding t...

CVE-2020-9820

CVE-2020-9820 is an Apple iOS/iPadOS vulnerability described as a logic issue in the File System component that allowed a remote attacker to modify the file system. The issue is fixed in iOS 13.5 and iPadOS 13.5. The available sources (NVD/Apple Red Hat entry, CNVD) confirm the description and th...

Oracle Application Testing Suite ReportImage tempfilename Directory Traversal (CVE-2016-0489)

A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation in the Oracle Test Manager component while processing the HTTP request parameter tempfilename. A remote, authenticated attacker could exploit this...

Mandrake Security may make unexpected system modifications

Overview The Mandrake Security utility included with Mandrake Linux may make unexpected modifications that affect system security. Description Mandrake Linux includes a tool named Mandrake Security msec that allows system administrators to manage and audit various system parameters associated wit...

asmcodes.txt

http://www.rootshell.com/ ----------------- begin asmcodes.txt --------------------- -- Assembly drop in replacements -- Probably useless, but can be a little fun ;- Here are some assembly instructions that you can drop into your favorite buffer overflow exploit. Generally, replacing existing...