[SECURITY] Fedora 43 Update: insight-18.0.50.20260306-3.fc43

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version...

[SECURITY] Fedora 43 Update: insight-18.0.50.20260306-2.fc43

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version...

PT-2025-52921

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's NTFS3 implementation related to uninitialized memory after a failed mi read operation within mi format new. The issue stems from the ntfs get bh...

[SECURITY] Fedora 42 Update: insight-13.0.50.20220502-27.fc42

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version...

SUSE CVE-2022-50328

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential use-after-free in jbd2fcwaitbufs In 'jbd2fcwaitbufs' use 'bh' after put buffer head reference count which may lead to use-after-free. So judge buffer if uptodate before put buffer head reference count...

X-Recon - A Utility For Detecting Webpage Inputs And Conducting XSS Scans

A utility for identifying web page inputs and conducting XSS scanning. Features: Subdomain Discovery: Retrieves relevant subdomains for the target website and consolidates them into a whitelist. These subdomains can be utilized during the scraping process. Site-wide Link Discovery: Collects all...

CVE-2024-24761

Galette is a membership management web application for non profit organizations. Starting in version 1.0.0 and prior to version 1.0.2, public pages are per default restricted to only administrators and staff members. From configuration, it is possible to restrict to up-to-date members or to...

CVE-2024-26583

A race condition vulnerability was found in the tls subsystem of the Linux kernel. The submitting thread that calls recvmsg/sendmsg may exit as soon as the async crypto handler calls complete; any code past that point risks touching already freed data. This could lead to a use-after-free issue an...

Artemis - A Modular Web Reconnaissance Tool And Vulnerability Scanner

A modular web reconnaissance tool and vulnerability scanner based on Karton https://github.com/CERT-Polska/karton. The Artemis project has been initiated by the KN Cyber science club of Warsaw University of Technology and is currently being maintained by CERT Polska. Artemis is experimental...

Four Big Reasons to Update Your Software

ABP To shamelessly paraphrase the 1992 crime drama Glengarry Glen Ross, “Always be patching.” Any home computer needs to be updated regularly. Drives and software updates are critical to the smooth running of the average home PC, and can often be overlooked. Business and professional computers ar...

latestAnswer doesn't check if the value is up to date

Handle pauliax Vulnerability details Impact EIP1271Wallet.sol is calling latestAnswer to get the last price: uint256 oraclePrice = toUint AggregatorV2V3InterfacepriceOracle.latestAnswer ; This method will return the last value, but you won’t be able to check if the data is fresh. On the other han...

Incorrect implementation of chainlink oracle

Handle tensors Vulnerability details The protocol doesn't implement the chainlink ETH oracle correctly. Many user functions in LendingPair.sol use currentTokenValues which computes data based off of the chainlink eth oracle via tokenPrice which uses EthPrice. In a correct implementation using the...

Wallarm API Discovery: Discover API endpoints automatically and secure them

What do you know about your APIs? Why are the vulnerable v2 and v3 still exposed if they are deprecated for almost a year? What else is exposed and you don’t even know? Are Swagger specs up to date? Teaser: Surely not. A lot of questions, right? Meet Wallarm’s latest feature for API Discovery and...

Bbrecon - Python Library And CLI For The Bug Bounty Recon API

Bug Bounty Recon bbrecon is a free Recon-as-a-Service for bug bounty hunters and security researchers. The API aims to provide a continuously up-to-date map of the Internet "safe harbor" attack surface, excluding out-of-scope targets. It comes with an ergonomic CLI and Python library. This...

PhishingKitTracker - Let's Track Phishing Kits To Give To Research Community Raw Material To Stud

An extensible and freshly updated collection of phishingkits for forensics and future analysis topped with simple stats Disclaimer This repository holds a collection of Phishing Kits used by criminals to steal user information. Almost every file into the raw folder is malicious so I strongly...

PTF v2.3 - The Penetration Testers Framework Is A Way For Modular Support For Up-To-Date Tools

The PenTesters Framework PTF is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters, we've been accustom to the /pentest/ directories or our own toolsets that we want to keep up-to-date all o...

Security Planner

Security Planner is a custom security advice tool from Citizen Lab. Answer a few questions, and it gives you a few simple things you can do to improve your security. It's not meant to be comprehensive, but instead to give people things they can actually do to immediately improve their security. I...

[SECURITY] Fedora 22 Update: nodejs-ws-1.0.1-1.fc22

Simple to use, blazing fast and thoroughly tested web socket client, server and console for nodejs, up-to-date against RFC-6455...

PWGen - Generator of cryptographically-strong passwords

PWGen is a professional password generator capable of creating large amounts of cryptographically-secure passwords or passphrases consisting of words from a word list. It uses a “random pool ” technique to generate random data based on user inputs keystrokes, mouse handling and volatile system...

Java enabled browsers are highly vulnerable

Oracle has released emergency patches multiple of times in recent months for Java for one after another set of vulnerabilities. About 100 million computers reported to be vulnerable to unauthorized access via different flaw in Java software. Department of Homeland Security's US-CERT already warne...