
7411 matches found

BDU FSTEC
added 2024/04/03 12:0 a.m. · 3 views

The vulnerability of the box_mpy() function in the Virtuoso-OpenSource web application development platform allows a hacker to trigger a service failure.

The vulnerability of the box_mpy function in the Virtuoso-OpenSource web application development platform exists due to insufficient testing of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures after executing the SELECT operator...

CVSS 7.8 · AI score 7.2 · EPSS 0.00894
Exploits: 1 · References: 3 · Affected Software: 2
OSV
added 2024/04/02 3:15 a.m. · 1 views

CVE-2024-20852

Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration...

CVSS 3.3 · AI score 5.8
Exploits: 0 · References: 1
NVD
added 2024/04/02 3:15 a.m. · 11 views

CVE-2024-20852

Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration...

CVSS 5.9 · AI score 5.6 · EPSS 0.00135
Exploits: 0 · References: 1
Vulnrichment
added 2024/04/02 2:59 a.m. · 10 views

CVE-2024-20852

Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration...

CVSS 5.9 · AI score 6.7 · EPSS 0.00135
Exploits: 0 · References: 1
Cvelist
added 2024/04/02 2:59 a.m. · 18 views

CVE-2024-20852

Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration...

CVSS 5.9 · AI score 5.8 · EPSS 0.00135
Exploits: 0 · References: 1
CVE
added 2024/04/02 2:59 a.m. · 44 views

CVE-2024-20852

CVE-2024-20852 affects Samsung SmartThings prior to version 1.8.13.22, due to improper verification of intent by a broadcast receiver. Local attackers could access testing configuration. Remediation: upgrade to version 1.8.13.22 or later. No exploitation details are provided in the supplied docum...

CVSS 5.9 · AI score 6.5 · EPSS 0.00135
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2024/04/02 12:0 a.m. · 3 views

PT-2024-18762 · Samsung · Smartthings

Name of the Vulnerable Software and Affected Versions: SmartThings versions prior to 1.8.13.22 Description: The issue is related to improper verification of intent by a broadcast receiver, allowing local attackers to access testing configuration. Recommendations: For versions prior to 1.8.13.22,...

CVSS 5.9 · AI score 7 · EPSS 0.00135
Exploits: 0 · References: 2
Kitploit
added 2024/04/01 11:30 a.m. · 298 views

Drozer - The Leading Security Assessment Framework For Android

drozer (formerly Mercury) is the leading security testing framework for Android. drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps' IPC endpoints and the underlying OS. drozer provides tools to...

AI score 7.5
Exploits: 0 · References: 4
GithubExploit
added 2024/03/31 3:25 p.m. · 488 views

Exploit for CVE-2024-28247

CVE-2024-28247 Pi-hole Arbitrary File Read Description Thi...

CVSS 7.6 · AI score 7.5 · EPSS 0.01414
Exploits: 2
GithubExploit
added 2024/03/30 5:35 p.m. · 274 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 Malicious code was discovered in the upstream ta...

CVSS 10 · AI score 10 · EPSS 0.85974
Exploits: 39
Debian
added 2024/03/29 4:9 p.m. · 48 views

[SECURITY] [DSA 5649-1] xz-utils security update

Debian Security Advisory DSA-5649-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 29, 2024 https://www.debian.org/security/faq -...

CVSS 10 · AI score 10 · EPSS 0.85974
Exploits: 39
The Hacker News
added 2024/03/29 11:19 a.m. · 29 views

The Golden Age of Automated Penetration Testing is Here

Network penetration testing plays a vital role in detecting vulnerabilities that can be exploited. The current method of performing pen testing is pricey, leading many companies to undertake it only when necessary, usually once a year for their compliance requirements. This manual approach often...

AI score 7.3
Exploits: 0
Github Security Blog
added 2024/03/28 5:53 p.m. · 23 views

Podman affected by CVE-2024-1753 container escape at build time

Impact What kind of vulnerability is it? Who is impacted? Users running containers with root privileges allowing a container to run with read/write access to the host system files when selinux is not enabled. With selinux enabled, some read access is allowed. Patches From @nalind . This is a patc...

CVSS 8.6 · AI score 6.6 · EPSS 0.0049
Exploits: 0 · References: 27 · Affected Software: 2
RedhatCVE
added 2024/03/25 5:53 p.m. · 24 views

CVE-2021-47145

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON in link_to_fixup_dir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 1 SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ 305...

CVSS 5.5 · AI score 7.4 · EPSS 0.00271
Exploits: 0 · References: 4
Kitploit
added 2024/03/25 11:30 a.m. · 68 views

Radamsa - A General-Purpose Fuzzer

Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestingly different outputs from them. The main...

CVSS 9.8 · AI score 9.6 · EPSS 0.87397
Exploits: 42 · References: 1
NVD
added 2024/03/25 10:15 a.m. · 14 views

CVE-2021-47172

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as pa...

CVSS 5.5 · AI score 7.6 · EPSS 0.00225
Exploits: 0 · References: 4
Cvelist
added 2024/03/25 9:16 a.m. · 21 views

CVE-2021-47172 iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as pa...

AI score 7 · EPSS 0.00225
Exploits: 0 · References: 4
OSV
added 2024/03/25 9:15 a.m. · 4 views

CVE-2021-47146

In the Linux kernel, the following vulnerability has been resolved: mld: fix panic in mld_newpack mld_newpack doesn't allow to allocate high order page, only order-0 allocation is allowed. If headroom size is too large, a kernel panic could occur in skb_put. Test commands: ip netns del A ip netns de...

CVSS 5.5 · AI score 5.2
Exploits: 0 · References: 8
OSV
added 2024/03/25 9:15 a.m. · 4 views

CVE-2021-47145

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON in link_to_fixup_dir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 1 SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ 305...

CVSS 5.5 · AI score 5.4
Exploits: 0 · References: 8
NVD
added 2024/03/25 9:15 a.m. · 22 views

CVE-2021-47145

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON in link_to_fixup_dir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 1 SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ 305...

CVSS 5.5 · AI score 6.6 · EPSS 0.00271
Exploits: 0 · References: 8