Aggregator

Currently trending CVE - hypeScore: 1 - Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection.

Currently trending CVE - hypeScore: 2 - Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Currently trending CVE - hypeScore: 1 - Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw fir

Currently trending CVE - hypeScore: 1 - Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID will be used

PipeViewer A GUI tool for viewing Windows Named Pipes and searching for insecure permissions. PipeViewer is a GUI tool that allows users to view details about Windows-named pipes and their permissions. It is designed...

The post PipeViewer: shows detailed information about named pipes in Windows appeared first on Penetration Testing Tools.

RedCloud OS RedCloud OS is a Debian-based Cloud Adversary Simulation Operating System for Red Teams to assess the security of leading Cloud Service Providers (CSPs). It includes tools optimized for adversary simulation tasks within Amazon Web...

The post RedCloud-OS: a Cloud Adversary Simulation Operating System for Red Teams appeared first on Penetration Testing Tools.

apk2url apk2url easily extracts URL and IP endpoints from an APK file to a .txt output. This is suitable for information gathering by the red team, penetration testers, and developers to quickly identify endpoints...

The post apk2url: quickly extract IP and URL endpoints from APKs appeared first on Penetration Testing Tools.

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies, a Tata Motors subsidiary, suspended some IT services following a ransomware attack. The company, which is engaged in product engineering, provides services to automotive and aerospace original equipment manufacturers as well as industrial machinery companies.  As of 2023, the IT giant has over […]

本次微访谈于1月26日举行，邀请了8位来自国内高校的学术界专家分享自己的观点和看法。

本次微访谈于1月26日举行，邀请了8位来自国内高校的学术界专家分享自己的观点和看法。

破五迎财神，扫除晦气，迎接好运。 愿你新的一年，顺风顺水，心想事成。 祝财神到，好运来！

本次微访谈于1月26日举行，邀请了8位来自国内高校的学术界专家分享自己的观点和看法。

破五迎财神，扫除晦气，迎接好运。 愿你新的一年，顺风顺水，心想事成。 祝财神到，好运来！

A vulnerability has been found in Apple Mac OS X up to 10.6.2 and classified as critical. This vulnerability affects unknown code of the component Access Control List. The manipulation leads to improper access controls. This vulnerability was named CVE-2010-0535. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Apple Mac OS X up to 10.6.2. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2010-0497. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Apple Mac OS X up to 10.6.2. This issue affects some unknown processing of the component Directory Services. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2010-0498. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Secure Backup 10.2.0.3 and classified as very critical. Affected by this issue is some unknown functionality of the file observiced.exe. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2010-0072. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Oracle Weblogic Server Component 9.2. It has been declared as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper privilege management. This vulnerability is known as CVE-2010-0073. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Oracle OpenSolaris 8/9/10 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to Remote Code Execution. This vulnerability is handled as CVE-2010-0083. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Dovecot up to 1.2.12. Affected is an unknown function of the component AGate. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2010-3304. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.