How To Test Port Connectivity Using PowerShell Without The Need To Install Telnet Client

Traditionally, admins will install the Telnet Client on a Windows machine to test the ability to reach a port on another computer. The purpose of this article is to provide instructions on how to test connectivity to a specific port on another device using Powershell and without the need to insta...

Incorrect Handling of Return Value in onlyWhenNotPaused Modifier

Lines of code Vulnerability details Description: contract named "L1ChugSplashProxy" which is a proxy contract with additional functionality for code and storage modification. However, there is a bug in the code that needs to be addressed. Bug: The bug is in the modifier onlyWhenNotPaused function...

Unauthorized Access and Control in Proxy Contract

Lines of code Vulnerability details Summary: The code contains a bug that can lead to unauthorized access and control over the contract. This bug allows any caller, even those who are not the owner or address0, to bypass the intended access control mechanisms and execute arbitrary code on the...

Denial of Service via reachable assertion

A grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This was due to incorrect logic when handling GOAWAY frames. The attack is low-effort: it takes very little resources to construct and send the required sequence of frames. The impact on availability is hig...

[SECURITY] Fedora 38 Update: python3.9-3.9.16-4.fc38

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

[SECURITY] Fedora 37 Update: python3.9-3.9.16-2.fc37

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

Cross site scripting

Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded...

GHSA-86H2-2G4G-29QX avo possible unsafe reflection / partial DoS vulnerability

Summary The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes when viewing a manipulated record. Details After reviewing th...

SUSE CVE-2023-3044

An excessively large PDF page size found in fuzz testing, unlikely in normal PDF files can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate...

MAAD-AF - MAAD Attack Framework - An Attack Tool For Simple, Fast And Effective Security Testing Of M365 And Azure AD

MAAD-AF is an open-source cloud attack tool developed for testing security of Microsoft 365 & Azure AD environments through adversary emulation. MAAD-AF provides security practitioners easy to use attack modules to exploit configurations across different M365/AzureAD cloud-based tools & services...

[SECURITY] Fedora 37 Update: python3.6-3.6.15-16.fc37

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

Design/Logic Flaw

An excessively large PDF page size found in fuzz testing, unlikely in normal PDF files can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate...

CVE-2023-3044

An excessively large PDF page size found in fuzz testing, unlikely in normal PDF files can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate...

CVE-2023-3044 Divide-by-zero in Xpdf 4.04 due to very large page size

An excessively large PDF page size found in fuzz testing, unlikely in normal PDF files can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate...

CVE-2023-3044

An excessively large PDF page size found in fuzz testing, unlikely in normal PDF files can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate...

Exploit for Code Injection in Apache Rocketmq

CVE-2023-33246 Apache RocketMQ remote code execution vulnera...

[SECURITY] Fedora 38 Update: python3.8-3.8.16-4.fc38

Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release...

The vulnerability of the microprogramming software used in Schneider Electric Modicon programmable logic controllers lies in the insufficient checking of unusual or exceptional states. This allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed software in Schneider Electric Modicon programmable logic controllers is related to insufficient testing of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to trigger malfunctions during maintenance operations...

MeterSphere Denial of Service Vulnerability

MeterSphere is MeterSphere open source one-stop open source continuous testing platform. MeterSphere 2.9.1 and previous versions of a denial of service vulnerability , the vulnerability stems from the submission of a very long password during login , it will force the system to perform a long...

SCRMS 2023-05-27 1.0 - Multiple SQL Injection

Exploit Title: SCRMS 2023-05-27 1.0 - Multiple SQLi Author: nu11secur1ty Date: 05.27.2023 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/15895/simple-customer-relationship-management-crm-system-using-php-free-source-coude.html Reference:...