@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +33 more potentially affected by CVE-2026-34749 via payload (>=3.0.0-alpha.46 <=3.79.0)

payload NPM version =3.0.0-alpha.46, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 and more Source cves: CVE-2026-34749 Source advisory: SNYK:JS-PAYLOAD-15873856...

🔍 Vulners Lookup – augmented CVE reality

Vulners Lookup – augmented CVE reality. Yesterday, VulnCheck unveiled a prototype Chrome/Chromium plugin that highlights CVE identifiers on any website and shows a popup with vulnerability details, including whether the vulnerability is in the VulnCheck KEV an extended CISA KEV. The Vulners team...

Exploit for CVE-2023-6444

CVE-202306444-POC Proof of concept...

KLA50772 PE vulnerability in Microsoft System Center

An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2023-33156 Related products Windows-Defender CVE list CVE-2023-33156 high KB list Solution Install necessary updates from the KB...

Microsoft Patch Tuesday February 2023: Win Graphics RCE, Edge RCE, Publisher SFB, CLFS EoP, Exchange RCEs, Word RCE, HoloLens1

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2023, including vulnerabilities that were added between January and February Patch Tuesdays. Alternative video link for Russia: This month I decided to change the format a bit. Now I share my impression of Microsoft...

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. Its especially nice that all the code to support the new API was written and contributed ...

Exploit for Improper Preservation of Permissions in Processmaker

This repository has be archived and moved to: https://github.com...

Scanvus – my open source Vulnerability Scanner for Linux hosts and Docker images

Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about my open source project Scanvus. This project is already a year old and I use it almost every day. Alternative video link for Russia: Scanvus Simple Credentialed...

Vulners Linux Audit API: Security Bulletin Publication Dates in Results

Hello everyone! In this short episode, I want to talk about the new feature in Vulners Linux API. Alternative video link for Russia: Linux security bulletin publication dates are now included in scan results. Why is it useful? A few words why this Linux Audit API is needed. You collect a list of...

Vulristics Command Line Interface, improved Product & Vuln. Type Detections and Microsoft Patch Tuesday November 2021

Hello everyone! In this episode I want to highlight the latest changes in my Vulristics project. For those who dont know, this is a utility for prioritizing CVE vulnerabilities based on data from various sources.. Currently Microsoft, NVD, Vulners, AttackerKB. Command Line Interface I started...

Exploit for Path Traversal in Apache Http_Server

Apache 2.4.50 - Path Traversal or Remote Code Execution CVE-20...

[slackware-security] httpd

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/httpd-2.4.49-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. modproxy: Server Side...

Vulners Linux Audit API for Host Vulnerability Detection: Manual Auditing, Python Scripting and Licensing

Hello everyone! This episode will be about Vulners Linux Audit API, which allows you to detect vulnerabilities on a Linux host knowing only the OS version and installed packages. I had a similar post about this 4 years ago, but some details have changed, so I came back to this topic. Manual Audit...

Flan - A Pretty Sweet Vulnerability Scanner By CloudFlare

Flan Scan is a lightweight network vulnerability scanner. With Flan Scan you can easily find open ports on your network, identify services and their version, and get a list of relevant CVEs affecting your network. Flan Scan is a wrapper over Nmap and the vulners script which turns Nmap into a...

[slackware-security] libtiff

New libtiff packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libtiff-4.1.0-i586-1slack14.2.txz: Upgraded. libtiff: fix integer overflow in TIFFCheckMalloc that could cause a crash. tifdir: unset...

Exploit for CVE-2019-14339

CVE-2019-14339 Content Provider URI Injection on Canon PRINT...

Vulners Scanner for Android - Passive Vulnerability Scanning Based On Software Version Fingerprint

Vulners Scanner is developed by Vulners Team, the founders and maintainers of one of the world largest security databases. It implements technology of passive vulnerability scanning based on software version fingerprint. Is it legal? Absolutely. The application does not perform any malicious...

Legion - An Easy-To-Use, Super-Extensible And Semi-Automated Network Penetration Testing Tool That Aids In Discovery, Reconnaissance And Exploitation Of Information Systems

Legion, a fork of SECFORCE's Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. Legion is developed and maintained by GoVanguard. More information about...

Pompem - Exploit and Vulnerability Finder

Pompem is an open source tool, designed to automate the search for Exploits and Vulnerability in the most important databases. Developed in Python, has a system of advanced search, that help the work of pentesters and ethical hackers. In the current version, it performs searches in PacketStorm...

GHSA-QHQF-GHGH-X2M4 High severity vulnerability that affects Microsoft.AspNetCore.Mvc

See https://nvd.nist.gov/vuln/detail/CVE-2017-0249 & https://vulners.com/cve/CVE-2017-0249...