Xen p2m mappings privilege escalation | CVE-2022-23033
NAME Xen p2m mappings privilege escalation Platforms Affected:XenSource Xen 5.1 XenSource Xen 4.12 XenSource Xen 4.13 XenSource Xen 4.14 XenSource...
AIDE buffer overflow | CVE-2021-45417
NAME AIDE buffer overflow Platforms Affected:AIDE AIDE 0.17.3 AIDE AIDE 0.17.2Risk Level:8.4Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION AIDE is vulnerable to...
CWP Control Web Panel file include | CVE-2021-45467
NAME CWP Control Web Panel file include Platforms Affected:CWP Control Web PanelRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION CWP Control Web Panel could...
Apache ShardingSphere ElasticJob-UI privilege escalation | CVE-2022-22733
NAME Apache ShardingSphere ElasticJob-UI privilege escalation Platforms Affected:Apache ShardingSphere ElasticJob-UI 3.0.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Apache ShardingSphere ElasticJob-UI could allow a...
Polkit privilege escalation | CVE-2021-4034
NAME Polkit privilege escalation Platforms Affected:Polkit PolkitRisk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Privileges DESCRIPTION Polkit could allow a local authenticated attacker to...
Node.js @isomorphic-git/cors-proxy module server-side request forgery | CVE-2021-23664
NAME Node.js @isomorphic-git/cors-proxy module server-side request forgery Platforms Affected:Node.js @isomorphic-git/cors-proxy 2.7.0Risk Level:8.6Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Node.js @isomorphic-git/cors-proxy module is vulnerable to...
Simple College Website SQL injection | CVE-2021-44593
NAME Simple College Website SQL injection Platforms Affected:Sourcecodester Simple College Website 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Simple College Website is vulnerable...
German intelligence agency warns of China-linked APT27 targeting commercial organizations
The BfV German domestic intelligence services warn of ongoing attacks carried out by the China-linked APT27 cyberespionage group. The Bundesamt...
Ninjasworkout – Vulnerable NodeJS Web Application
Damn Vulnerable NodeJS Application Quick Start Download the Repo => run npm i Afer Installing all dependency just run the...
KONNI evolves into stealthier RAT
This blog post was authored by Roberto Santos KONNI is a Remote Administration Tool that has being used for at...
LockBit 2.0 Ransomware Victim: plainviewmn[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
Senate Committee passes new antitrust bill aimed at Big Tech companies
The American Innovation and Choice Online Act (AICOA), a bill that forbids Big Tech platforms like Apple, Alphabet (Google’s parent company),...
New DeadBolt ransomware targets QNAP NAS devices
New malware is targeting targets QNAP NAS devices, it is the DeadBolt ransomware and ask 50 BTC for master key...
CVE-2021-30952
Summary: An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1,...
CVE-2021-30953
Summary: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1,...
CVE-2021-30954
Summary: A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey...
CVE-2021-30984
Summary: A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1,...
CVE-2021-28507
Summary: An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig...
Google sued over deceptive location tracking
Four Attorneys General (AG) from the District of Columbia and the states of Indiana, Texas, and Washington have filed separate...
Windows Update has changed over the years. Here are 25 group policies to avoid
Microsoft has published a list of 25 group policies that administrators should not use in Windows 10 and Windows 11...
VMware urges customers to patch VMware Horizon servers against Log4j attacks
VMware released security patches to address critical Log4j security vulnerabilities in VMware Horizon servers targeted in ongoing attacks. VMware urges...
Microsoft warns of phishy OAuth apps
Microsoft is warning Office 365 users to watch out for a phishy emails asking you to install an app called Upgrade....
Cyberinsurance companies don’t want to pay out for “acts of war”
Due to the evolving and growing impact of cybersecurity incidents there are some questions starting to arise about the way...
PwnKit: Local Privilege Escalation bug affects major Linux distros
A flaw in Polkit’s pkexec component, tracked as CVE-2021-4034 (PwnKit) can be exploited to gain full root privileges on major...
