Aggregator

A vulnerability, which was classified as critical, was found in pitivi up to 0.94. This affects the function mediaLibraryPlayCb of the file mainwindow.py of the component File Path Handler. The manipulation leads to code injection. This vulnerability is uniquely identified as CVE-2015-0855. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Debian Linux 7/8. Affected by this issue is some unknown functionality of the file smokeping_cgi of the component smokeping. The manipulation leads to code. This vulnerability is handled as CVE-2015-0859. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical has been found in Mozilla Firefox up to 3.6.3. Affected is an unknown function. The manipulation leads to numeric error. This vulnerability is traded as CVE-2010-1199. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

msInvader msInvader is an adversary simulation tool built for blue teams, designed to simulate adversary techniques within M365 and Azure environments. Its purpose is to generate attack telemetry that aids teams in building, testing,...

The post msInvader: M365/Azure adversary simulation tool appeared first on Penetration Testing Tools.

GTIRB The GrammaTech Intermediate Representation for Binaries (GTIRB) is a machine code analysis and rewriting data structure. It is intended to facilitate the communication of binary IR between programs performing binary disassembly, analysis, transformation,...

The post gtirb: Intermediate Representation for Binary analysis and transformation appeared first on Penetration Testing Tools.

IntelMQ is a solution for IT security teams (CERTs, CSIRTs, abuse departments,…) for collecting and processing security feeds (such as log files) using a message queuing protocol. It’s a community-driven initiative called IHAP (Incident Handling...

The post intelmq: collecting and processing security feeds appeared first on Penetration Testing Tools.

A vulnerability was found in Katello 1.5.0-14. It has been rated as critical. Affected by this issue is some unknown functionality of the component Administrator Account. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2013-2143. The attack may be launched remotely. Furthermore, there is an exploit available.

POC for CVE-2024-22734 Affecting AMCS Trux Software

A vulnerability classified as problematic was found in Apple iPod touch 2.0. Affected by this vulnerability is the function _web_drawInRect:withFont:ellipsis:alignment:measureOnly. The manipulation leads to numeric error. This vulnerability is known as CVE-2008-3950. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in HP LoadRunner. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2011-2328. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in HP Intelligent Management Center. It has been classified as very critical. This affects an unknown part of the file img.exe. The manipulation leads to numeric error. This vulnerability is uniquely identified as CVE-2011-2331. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in SmarterTools SmarterStats 6.0. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2011-2156. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in SmarterTools SmarterStats 6.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2011-2157. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in SmarterTools SmarterStats 6.0 and classified as very critical. This issue affects some unknown processing. The manipulation leads to Remote Code Execution. The identification of this vulnerability is CVE-2011-2158. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in SmarterTools SmarterStats 6.0. It has been classified as very critical. Affected is an unknown function. The manipulation leads to Remote Code Execution. This vulnerability is traded as CVE-2011-2159. It is possible to launch the attack remotely. There is no exploit available.

Generative Artificial Intelligence (GAI) is rapidly revolutionizing various industries, including cybersecurity, allowing the creation of realistic and personalized content. The capabilities that make Generative Artificial Intelligence a powerful tool for progress also make it a significant threat in the cyber domain. The use of GAI by malicious actors is becoming increasingly common, enabling them to […]

针对银狐一些最新攻击样本加载过程的调试分析

华为折叠屏手机全球第二；微信公众号后台新增「AI 配图」功能；马斯克点赞 AirPodsPro2 助听功能

A vulnerability classified as problematic was found in JIRA up to 8.3.x. Affected by this vulnerability is an unknown functionality of the file /rest/api/latest/groupuserpicker. The manipulation leads to information disclosure (Username). This vulnerability is known as CVE-2019-8449. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.