Spring Tips: Spring Cloud Gateway for Spring MVC

Hi, Spring fans! In this installment, we revisit Spring Cloud Gateway, this time to look at the fantastic new support for Spring MVC, made all the more amazing by Java 21's virtual threads...

CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training

CrimsonEDR is an open-source project engineered to identify specific malware patterns, offering a tool for honing skills in circumventing Endpoint Detection and Response EDR. By leveraging diverse detection methods, it empowers users to deepen their understanding of security evasion tactics...

PT-2024-9803 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the OpenRISC exception handling in the Linux kernel, which sends signals to user processes on floating point exceptions and trap instructions for debugging...

CVE-2024-26686

A vulnerability was found in the dotaskstat function in the Linux kernel, where due to excessive lock contention, a potential hard lockup could be created. This can create a performance bottleneck and lead to kernel unresponsiveness...

DEBIAN-CVE-2024-26686

In the Linux kernel, the following vulnerability has been resolved: fs/proc: dotaskstat: use sig-statslock to gather the threads/children stats locktasksighand can trigger a hard lockup. If NRCPUS threads call dotaskstat at the same time and the process has NRTHREADS, it will spin with irqs...

CVE-2024-26686

In the Linux kernel, the following vulnerability has been resolved: fs/proc: dotaskstat: use sig-statslock to gather the threads/children stats locktasksighand can trigger a hard lockup. If NRCPUS threads call dotaskstat at the same time and the process has NRTHREADS, it will spin with irqs...

CVE-2024-26686 fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats

In the Linux kernel, the following vulnerability has been resolved: fs/proc: dotaskstat: use sig-statslock to gather the threads/children stats locktasksighand can trigger a hard lockup. If NRCPUS threads call dotaskstat at the same time and the process has NRTHREADS, it will spin with irqs...

Wordpress Plugin - Membership For WooCommerce < v2.1.7 - Arbitrary File Upload to Shell (Unauthenticated)

Exploit Title: Wordpress Plugin - Membership For WooCommerce Resultz Uploader Uploaded ?PHP...

Exploit for Code Injection in Wwbn Avideo

AVideo CVE-2024-31819 🎥🔒💥 This Python script is an exploit fo...

kernel: GSM multiplexing race condition leads to privilege escalation

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...

kernel: GSM multiplexing race condition leads to privilege escalation

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...

Meta Platforms Face Outage: Facebook, Instagram, Messenger, Threads Down

By Waqas Logged out of your Meta Platform services? This is a post from HackRead.com Read the original post: Meta Platforms Face Outage: Facebook, Instagram, Messenger, Threads Down...

CVE-2023-45874

An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of service outage of reader threads...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: binder: signal epoll threads of self-work In epoll mode, threads often depend on I/O events to determine when data is ready for consumption. Within binder, a thread may initiate a command via BINDERWRITEREAD without a read buffer...

CVE-2024-26606

In the Linux kernel, the following vulnerability has been resolved: binder: signal epoll threads of self-work In epoll mode, threads often depend on I/O events to determine when data is ready for consumption. Within binder, a thread may initiate a command via BINDERWRITEREAD without a read buffer...

CVE-2024-26606

In the Linux kernel, the following vulnerability has been resolved: binder: signal epoll threads of self-work In epoll mode, threads often depend on I/O events to determine when data is ready for consumption. Within binder, a thread may initiate a command via BINDERWRITEREAD without a read buffer...

CVE-2024-26606 binder: signal epoll threads of self-work

In the Linux kernel, the following vulnerability has been resolved: binder: signal epoll threads of self-work In epoll mode, threads often depend on I/O events to determine when data is ready for consumption. Within binder, a thread may initiate a command via BINDERWRITEREAD without a read buffer...

CVE-2024-26606 binder: signal epoll threads of self-work

In the Linux kernel, the following vulnerability has been resolved: binder: signal epoll threads of self-work In epoll mode, threads often depend on I/O events to determine when data is ready for consumption. Within binder, a thread may initiate a command via BINDERWRITEREAD without a read buffer...

CVE-2024-26606 binder: signal epoll threads of self-work

In the Linux kernel, the following vulnerability has been resolved: binder: signal epoll threads of self-work In epoll mode, threads often depend on I/O events to determine when data is ready for consumption. Within binder, a thread may initiate a command via BINDERWRITEREAD without a read buffer...

CVE-2024-26606

CVE-2024-26606 affects the Linux kernel binder subsystem. In (e)poll mode, a binder thread that issues a BINDER_WRITE_READ without a read buffer may later rely on epoll_wait to process responses, but if the epoll/wakeup signaling is not triggered for the thread’s own enqueued work, the thread can...