Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat

CVE-2024-50379-Exploit This repository provides a Python scri...

openSUSE 15 Security Update : gh (openSUSE-SU-2025:0021-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025:0021-1 advisory. - Update to version 2.65.0: Bump cli/go-gh for indirect security vulnerability Panic mustParseTrackingRef if format is incorrect Move trackingRef into pr...

OPENSUSE-SU-2025:0021-1 Security update for gh

This update for gh fixes the following issues: - Update to version 2.65.0: Bump cli/go-gh for indirect security vulnerability Panic mustParseTrackingRef if format is incorrect Move trackingRef into pr create package Make tryDetermineTrackingRef tests more respective of reality Rework...

SAP NetWeaver AS ABAP Privilege Escalation (3537476)

SAP NetWeaver Application Server for ABAP is affected by privilege escalation vulnerability. SAP NetWeaver Application Server ABAP allows allows an authenticated attacker to obtain illegitimate access to the system by exploiting improper authentication checks, resulting in privilege escalation. O...

CVE-2024-57941

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix the non-cancellation of copy when cache is temporarily disabled When the caching for a cookie is temporarily disabled e.g. due to a DIO write on that file, future copying to the cache for that file is disabled until al...

HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects

Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or " Were there any security issues that could have been identified during testing?" often go unresolved, raising concerns about the...

Scaling Dynamic Application Security Testing (DAST)

Introduction Microsoft engineering teams use the Security Development Lifecycle to ensure our products are built in alignment with Microsoft’s Secure Future Initiative security principles: Secure by Design, Secure by Default, and Secure Operations. A key component of the Security Development...

Malicious code in frontend-testing-redefined (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 85a3ef574dfd16ebf3d9533ff76d09cb94946f1acc9fb1708fc6239061a77c88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in testing-in-reise (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7336c52cac589d1a566dcb47ec9914f98494234e4fb8d9c5b36832279776c67 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-251 Malicious code in testing-in-reise (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7336c52cac589d1a566dcb47ec9914f98494234e4fb8d9c5b36832279776c67 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

FreeBSD : electron31 -- multiple vulnerabilities (3161429b-3897-4593-84a0-b41ffbbfa36b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3161429b-3897-4593-84a0-b41ffbbfa36b advisory. Electron developers report: This update fixes the following vulnerabilities: Tenable has...

CVE-2024-57917 topology: Keep the cpumask unchanged when printing cpumap

In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...

CVE-2024-57917

CVE-2024-57917 : In the Linux kernel, the cpumask may be modified during printing of cpumap, causing mismatched lengths in kvasprintf-based formatting. The fix caches the cpumask to a temporary variable before cpumap_print_{list, cpumask}_to_buf() to keep it unchanged during printing. Impact is p...

CVE-2024-57917 topology: Keep the cpumask unchanged when printing cpumap

In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...

Mattermost Server 10.0.x < 10.3 (MMSA-2024-00400)

The version of Mattermost Server installed on the remote host is prior to 10.3. It is, therefore, affected by a improper access control vulnerability as referenced in the MMSA-2024-00400 advisory due to a failure to accurately reflect missing settings, which allows confusion for admins regarding ...

CBL Mariner 2.0 Security Update: kubernetes (CVE-2024-10220)

The version of kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10220 advisory. - The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo...

Fedora 40 : rsync (2025-73c1f25730)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-73c1f25730 advisory. New version 3.4.0. Contains fixes for CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747. Tenable has...

Microsoft Security Update Validation Report January 2025

Microsoft’s January 2025 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwar...

Fortinet Fortigate Path traversal in csfd daemon (FG-IR-24-259)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-24-259 advisory. - A improper limitation of a pathname to a restricted directory 'path traversal' in Fortinet FortiRecorder versions...

Vulnerabilities-Proofs-of-Concept

Vulnerabilities Proofs-of-Concept This repository hosts proof...