FirebaseExploiter - Vulnerability Discovery Tool That Discovers Firebase Database Which Are Open And Can Be Exploitable
FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for mass hunting bug bounties and for penetration testing. Features Mass vulnerability scanning from list of hosts Custom JSON data in exploit.json to upload...
Bearer - Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)
Discover, filter, and prioritize security risks and vulnerabilities impacting your code. Bearer is a static application security testing (SAST) tool that scans your source code and analyzes your data flows to discover, filter and prioritize security risks and vulnerabilities leading to sensitive da...
HexUtils.hexStringToBytes32 does not exclude the last index in str
Lines of code Vulnerability details Impact The HexUtils.hexStringToBytes32 intends to exclude the lastIdx index in the input str. See the @param comment for lastIdx parameter: / @dev Attempts to parse bytes32 from a hex string @param str The string to parse @param idx The offset to start parsing ...
TEST FINDING
Lines of code Vulnerability details ISSUE FOR TESTING PURPOSES Assessed type Uniswap
PhoneSploit-Pro - An All-In-One Hacking Tool To Remotely Exploit Android Devices Using ADB And Metasploit-Framework To Get A Meterpreter Session
An all-in-one hacking tool written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework. Complete Automation to get a Meterpreter session in One Click. This tool can automatically Create, Install, and Run payload on the target device using...
Webcam Preview Test Application
Please note: You can download the required file from the Citrix downloads website by visiting the following link: https://www.citrix.com/downloads/citrix-tools Simple Windows UI application to test and troubleshoot Webcam redirection on Terminal Server and Workstation VDAs, as well as to check...
auditpolCIS - CIS Benchmark Testing Of Windows SIEM Configuration
CIS Benchmark testing of Windows SIEM configuration This is an application for testing the configuration of Windows Audit Policy settings against the CIS Benchmark recommended settings. A few points: The tested system was Windows Server 2019, and the benchmark used was also Windows Server 2019. T...
This Week in Spring - April 25th, 2023
Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you? I'm en route to Bangalore, India, via Frankfurt, for the Developer Summit 2023 edition. It's going to be a ton of fun, and I hope you won't miss it! Spring Boot 3.1.0-RC1 available now One of the most exciti...
The vulnerability of the Microsoft Visual Studio software allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Visual Studio software development tool is related to insufficient testing of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
Stored XSS on items in Folder
Description: First create two user accounts and grant them permission to access the same folder. In one of the accounts, generate a new item within the folder. Paste the payload XSS into this field, then save the item. Once saved, click on the item to activate an XSS alert. To confirm the success of...
Oracle Application Testing Suite (Apr 2023 CPU)
The version of Oracle Application Testing Suite installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory: - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps Apac...
AZL-26278 CVE-2023-30612 affecting package cloud-hypervisor for versions less than 31.1-1
Cloud hypervisor is a Virtual Machine Monitor for Cloud workloads. This vulnerability allows users to close arbitrary open file descriptors in the Cloud Hypervisor process via sending malicious HTTP request through the HTTP API socket. As a result, the Cloud Hypervisor process can be easily...
Reentrancy Attack Vulnerability in StablecoinBridge Contract
Lines of code Vulnerability details Impact The vulnerability can potentially drain the funds of the contract by allowing an attacker to repeatedly call the mint or burn functions and re-enter the mintInternal or burnInternal functions before they complete. Proof of Concept To deploy the...
Exploit for Double Free in Openbsd Openssh
OpenSSH Pre-Auth Double Free CVE-2023-25136 POC This repository c...
Siemens Mendix Forgot Password Module Information Disclosure Vulnerability
Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. An information disclosure vulnerability exists in the Siemens Mendix Forgot Password module. The vulnerability stems from the fact that the...
Exploit for Deserialization of Untrusted Data in Oracle Weblogic_Server
CVE-2023-21839 Due to special requirements, the GO version of...
servicos.penha.sc.gov.br Cross Site Scripting vulnerability OBB-3261667
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability of the Microsoft Office software package, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Office package is related to insufficient testing of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of Microsoft SharePoint Server software allows a perpetrator to compromise the integrity of protected information.
The vulnerability of Microsoft SharePoint Server packages is related to insufficient testing of requests on the server side. Exploiting this vulnerability allows a malicious actor to affect the integrity of protected information through a specially crafted HTTP request...
OSV-2023-310 UNKNOWN READ in memdup_suffix0
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57937 Crash type: UNKNOWN READ Crash state: memdup_suffix0 fuzz-efi-string.c centipede::RunOneInput...