Vulnrichment
added 2024/09/26 7:52 p.m. · 9 views

CVE-2024-7594 Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to...

CVSS 7.5 · AI score 6.9 · EPSS 0.00603
Exploits 0 · References 1

Cvelist
added 2024/09/26 7:52 p.m. · 12 views

CVE-2024-7594 Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to...

CVSS 7.5 · EPSS 0.00603
Exploits 0 · References 1

RedHat Linux
added 2024/09/24 12:49 a.m. · 3 views

kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()

In the Linux kernel, the following vulnerability has been resolved: mm: prevent derefencing NULL ptr in pfn_section_valid Commit 5ec8e8ea8b77 "mm/sparsemem: fix race in accessing memory_section->usage" changed pfn_section_valid to add a READ_ONCE call around "ms->usage" to fix a race with section_deactiva...

CVSS 5.5 · AI score 6.4 · EPSS 0.0001
Exploits 0 · References 5

RedHat Linux
added 2024/09/24 12:27 a.m. · 3 views

kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()

In the Linux kernel, the following vulnerability has been resolved: mm: prevent derefencing NULL ptr in pfn_section_valid Commit 5ec8e8ea8b77 "mm/sparsemem: fix race in accessing memory_section->usage" changed pfn_section_valid to add a READ_ONCE call around "ms->usage" to fix a race with section_deactiva...

CVSS 5.5 · AI score 6.4 · EPSS 0.0001
Exploits 0 · References 5

GithubExploit
added 2024/09/22 2:27 p.m. · 745 views

Exploit for Path Traversal in Tuzitio Camaleon_Cms

CVE-2024-46986 Camaleon CMS Exploit - Arbitrary File Upload...

CVSS 9.9 · AI score 7.6 · EPSS 0.92294
Exploits 2

Securelist
added 2024/09/20 12:31 p.m. · 62 views

-=TWELVE=- is back

In the spring of 2024, posts with real people's personal data began appearing on the -=TWELVE=- Telegram channel. Soon it was blocked for falling foul of the Telegram terms of service. The group stayed off the radar for several months, but as we investigated a late June 2024 attack, we found that...

CVSS 9.8 · AI score 10 · EPSS 0.94445
Exploits 57

Github Security Blog
added 2024/09/19 6:30 p.m. · 41 views

Duplicate Advisory: Keycloak Open Redirect vulnerability

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-w8gr-xwp4-r9f7. This link is maintained to preserve external references. Original Description: A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL...

CVSS 6.1 · AI score 6.7 · EPSS 0.06592
Exploits 0 · References 20 · Affected Software 1

SUSE CVE
added 2024/09/19 3:10 a.m. · 2 views

SUSE CVE-2024-46764

In the Linux kernel, the following vulnerability has been resolved: bpf: add check for invalid name in btf_name_valid_section If the length of the name string is 1 and the value of name[0] is NULL byte, an OOB vulnerability occurs in btf_name_valid_section and the return value is true, so the invalid nam...

CVSS 7.1 · AI score 6.5 · EPSS 0.00133
Exploits 0 · References 3

BDU FSTEC
added 2024/09/19 12:00 a.m. · 1 view

The vulnerability of the LibreOffice office software package lies in its improper verification of the cryptographic signature. This allows a malicious actor to create a specially crafted document. Upon restoration, such a document would indicate that the electronic signature status is valid.

The vulnerability of the LibreOffice office software package is related to improper verification of the cryptographic signature. Exploiting this vulnerability could allow an attacker to create a specially crafted document. After restoration, such a document would indicate that the electronic...

CVSS 7.8 · AI score 7.2 · EPSS 0.00062
Exploits 0 · References 7 · Affected Software 5

Cvelist
added 2024/09/17 5:12 p.m. · 24 views

CVE-2024-8796 Insufficient Default OTP Shared Secret Length

Under the default configuration, Devise-Two-Factor versions >= 2.2.0 & < 6.0.0 generate TOTP shared secrets that are 120 bits instead of the 128-bit minimum defined by RFC 4226. Using a shared secret shorter than the minimum to generate a multi-factor authentication code could make it easier for an...

CVSS 6 · EPSS 0.00245
Exploits 0 · References 1

OSV
added 2024/09/11 5:15 p.m. · 1 view

CVE-2024-20343

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the...

CVSS 5.5 · AI score 5.8 · EPSS 0.00108
Exploits 0 · References 1

Microsoft CVE
added 2024/09/11 7:00 a.m. · 1 view

mm: prevent derefencing NULL ptr in pfn_section_valid()

...

CVSS 5.5 · AI score 7.3 · EPSS 0.0001
Exploits 0

RedHat Linux
added 2024/09/11 1:10 a.m. · 3 views

kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()

In the Linux kernel, the following vulnerability has been resolved: mm: prevent derefencing NULL ptr in pfn_section_valid Commit 5ec8e8ea8b77 "mm/sparsemem: fix race in accessing memory_section->usage" changed pfn_section_valid to add a READ_ONCE call around "ms->usage" to fix a race with section_deactiva...

CVSS 5.5 · AI score 6.4 · EPSS 0.0001
Exploits 0 · References 5

Positive Technologies
added 2024/09/11 12:00 a.m. · 4 views

PT-2024-38907 · WordPress · Woocommerce Photo Reviews Premium

Name of the Vulnerable Software and Affected Versions: WooCommerce Photo Reviews Premium plugin for WordPress versions up to, and including, 1.3.13.2. Description: The issue is due to the plugin not properly validating what user transient is being used in the login function and not properly...

CVSS 9.8 · AI score 6.8 · EPSS 0.5214
Exploits 1 · References 12

OSV
added 2024/09/07 5:15 p.m. · 0 views

CVE-2024-42021

An improper access control vulnerability allows an attacker with valid access tokens to access saved credentials...

CVSS 6.5 · AI score 5.8
Exploits 0 · References 1

Vulnrichment
added 2024/09/07 4:11 p.m. · 13 views

CVE-2024-42021

An improper access control vulnerability allows an attacker with valid access tokens to access saved credentials...

CVSS 7.5 · AI score 6.8 · EPSS 0.0016
Exploits 0 · References 1

Veracode
added 2024/09/06 3:03 a.m. · 11 views

Username Enumeration Attack

ethycafides is vulnerable to Username Enumeration Attack. The vulnerability is due to discrepancies in response times between valid and invalid usernames, which allow attackers to infer valid usernames based on the timing of server responses...

CVSS 5.3 · AI score 6.7 · EPSS 0.00356
Exploits 1 · References 3 · Affected Software 1

Packet Storm
added 2024/09/01 12:00 a.m. · 257 views

Binom3 Web Management Login Scanner, Config And Password File Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Binom3 Web Management Login Scanner, Config and Password File Dump', 'Description' => %q{This module scans for Binom3 Multifunctional Revenue Energ...

CVSS 10 · AI score 7 · EPSS 0.60061
Exploits 2

Packet Storm
added 2024/09/01 12:00 a.m. · 134 views

InfoVista VistaPortal Application Bruteforce Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'InfoVista VistaPortal Application Bruteforce Login Utility', 'Description' => %q{This module attempts to scan for InfoVista VistaPortal Web...

AI score 7.4
Exploits 0

Packet Storm
added 2024/09/01 12:00 a.m. · 278 views

Apache Mod_userdir User Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache "mod_userdir" User Enumeration', 'Description' => %q{Apache with the UserDir directive enabled generates different error codes when a usernam...

CVSS 5 · AI score 7 · EPSS 0.68119
Exploits 3
