Lógico Y Creativo Security Vulnerabilities

CVE-2024-26796

In the Linux kernel, the following vulnerability has been resolved: drivers: perf: ctr_get_width function for legacy is not defined With parameters CONFIG_RISCV_PMU_LEGACY=y and CONFIG_RISCV_PMU_SBI=n linux kernel crashes when you try perf record: $ perf record ls [ 46.749286] Unable to handle...

Slackware Linux 15.0 / current httpd Multiple Vulnerabilities (SSA:2024-095-01)

The version of httpd installed on the remote host is prior to 2.4.59. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-095-01 advisory. Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP...

[slackware-security] xorg-server

New xorg-server packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xorg-server-1.20.14-i586-12_slack15.0.txz: Rebuilt. This update fixes security issues: Heap buffer overread/data leakage in...

y-knot.io Cross Site Scripting vulnerability OBB-3898885

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-26678

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...

Exploit for Embedded Malicious Code in Tukaani Xz

xzk8s [![Docker Pulls...

CVE-2024-26678

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...

CVE-2024-26678

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...

CVE-2024-26678

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...

CVE-2024-26678 x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...

Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated) Exploit

...

Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated)

...

Online Hotel Booking In PHP 1.0 SQL Injection

...

Computer Laboratory Management System 1.0 Cross Site Scripting

...

CVE-2024-26678

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...

Exploit for Embedded Malicious Code in Tukaani Xz

root@ubuntu:~/xz/# apt update root@ubuntu:~/xz/# apt install -y...

Exploit for Embedded Malicious Code in Tukaani Xz

xzbot Exploration of the xz...

BioTime Directory Traversal / Remote Code Execution

...

EnvíaloSimple: Email Marketing y Newsletters <= 2.3 - Cross-Site Request Forgery to Arbitrary File Upload

Description The EnvíaloSimple: Email Marketing y Newsletters plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3. This is due to missing or incorrect nonce validation on the gallery_add function. This makes it possible for unauthenticated...

BioTime Directory Traversal / Remote Code Execution Exploit

BioTime versions 8.5.5 and 9.0.1 suffer from directory traversal and file write vulnerabilities. This exploit also achieves remote code execution on version...

R2Frida - Radare2 And Frida Better Together

This is a self-contained plugin for radare2 that allows to instrument remote processes using frida. The radare project brings a complete toolchain for reverse engineering, providing well maintained functionalities and extend its features with other programming languages and tools. Frida is a...

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 xz Check Script This repository contains a...

New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking

Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the clipboard on certain Linux distributions. The bug, tracked as CVE-2024-28085, has been codenamed WallEscape by....

[slackware-security] coreutils

New coreutils packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/coreutils-9.5-i586-1_slack15.0.txz: Upgraded. chmod -R now avoids a race where an attacker may replace a traversed file with a...

Slackware: Security Advisory (SSA:2024-088-03)

The remote host is missing an update for...

Slackware: Security Advisory (SSA:2024-088-02)

The remote host is missing an update for...

Slackware: Security Advisory (SSA:2024-088-01)

The remote host is missing an update for...

Slackware Linux 15.0 / current util-linux Vulnerability (SSA:2024-088-02)

The version of util-linux installed on the remote host is prior to 2.37.4 / 2.40. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-088-02 advisory. wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to...

Slackware Linux 15.0 / current seamonkey Vulnerability (SSA:2024-088-01)

The version of seamonkey installed on the remote host is prior to 2.53.18.2. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-088-01 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

Slackware Linux 15.0 / current coreutils Vulnerability (SSA:2024-088-03)

The version of coreutils installed on the remote host is prior to 9.5. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-088-03 advisory. A flaw was found in the GNU coreutils split program. A heap overflow with user-controlled data of multiple hundred bytes in...

Thread Hijacking: Phishes That Prey on Your Curiosity

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient's natural curiosity about being copied on a private discussion,...

[slackware-security] util-linux

New util-linux packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/util-linux-2.37.4-i586-3_slack15.0.txz: Rebuilt. This release fixes a vulnerability where the wall command did not filter ...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/seamonkey-2.53.18.2-i686-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information,...

Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection

A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale. "Using iMessage and RCS rather than SMS to send...

util-linux wall Escape Sequence Injection

...

Slackware: Security Advisory (SSA:2024-087-01)

The remote host is missing an update for...

[slackware-security] curl

New curl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.7.1-i586-1_slack15.0.txz: Upgraded. This release fixes the following security issues: TLS certificate check bypass with...

Slackware Linux 15.0 / current curl Multiple Vulnerabilities (SSA:2024-087-01)

The version of curl installed on the remote host is prior to 8.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-087-01 advisory. When a protocol selection parameter option disables all protocols without adding any then the default set of protocols...

OpenNMS Horizon 31.0.7 Remote Command Execution Exploit

This Metasploit module exploits built-in functionality in OpenNMS Horizon in order to execute arbitrary commands as the opennms user. For versions 32.0.2 and higher, this module requires valid credentials for a user with ROLE_FILESYSTEM_EDITOR privileges and either ROLE_ADMIN or ROLE_REST. For...

Updated gnutls packages fix security vulnerabilities

The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512...

CVE-2023-51416

Cross-Site Request Forgery (CSRF) vulnerability in EnvialoSimple EnvíaloSimple.This issue affects EnvíaloSimple: from n/a through...

CVE-2023-51416

Cross-Site Request Forgery (CSRF) vulnerability in EnvialoSimple EnvíaloSimple.This issue affects EnvíaloSimple: from n/a through...

CVE-2023-51416 WordPress EnvíaloSimple plugin <= 2.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in EnvialoSimple EnvíaloSimple.This issue affects EnvíaloSimple: from n/a through...

Vans warns customers of data breach

Skater brand Vans emailed customers last week to tell them about a recent “data incident.” On December 13, 2023, Vans said it detected unauthorized activities on its IT systems, attributed to "external threat actors." An investigation revealed that the incident involved some personal information...

Radamsa - A General-Purpose Fuzzer

Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestringly different outputs from them. The main...

Slackware: Security Advisory (SSA:2024-084-01)

The remote host is missing an update for...

Smart Forms < 2.6.94 - Subscriber+ Edit Entries via Broken Access Control

Description The plugin does not have proper authorization in some actions, which could allow users with a role as low as a subscriber to call them and perform unauthorized actions PoC While logged as a subscriber, paste the following in your browser's console: fetch('/wp-admin/admin-ajax.php', {...

Smart Forms < 2.6.94 - Subscriber+ Edit Entries via Broken Access Control

Description The plugin does not have proper authorization in some actions, which could allow users with a role as low as a subscriber to call them and perform unauthorized...

Slackware: Security Advisory (SSA:2024-083-01)

The remote host is missing an update for...

Smart Forms < 2.6.94 - Edit Entries via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as editing entries, and we consider it a medium...