-
As mentioned in the patch notes for 28.x, since this release drops support for glibc older than 2.31, it will not run on several widely used Linux distros, including RHEL 8 and the RHELatives that bas…
-
Hello.
My HAProxy ingress is published on the internet.
For services and ingresses that are explicitly defined I'm able to limit access by IP/request path etc...
But default backend is opened without l…
-
Earlier this week some researchers of Ruhr University Bochum published a conference paper on insecure features in PDF, based on a systematic review of the full format spec:
There's a good summ…
-
## Problem to Solve
PoCs and Exploits, once developed and published, can significantly change Vulnerability Assessments. There appears to be no dedicated area within CVE 'Knowledge' to add informat…
-
A vulnerability was published on VulDB. Please see https://vuldb.com/de/?id.235864 for further details.
There is also an exploit available. See Exploit-DB for further details: https://www.exploit-d…
-
Ideas for cracking:
To make it more realistic, I think we should have two elements: a Cracker (.crc) and a Scanner (.nmap). With just a Cracker, you can crack into servers that have a firewall wit…
-
TODO: investigate GitHub actions for finding vulns being published?
Automatic monitor github cve using Github Actions
https://github.com/p1ay8y3ar/cve_monitor
CVEMON - Monitoring exploits & refer…
-
### Finding Description
The application is not published on the Play Store, suggesting that security updates are not applied automatically.
### Steps to Reproduce
This check determines if the app is…
-
Stored XSS vulnerability in Version 2.0 which allows a remote attacker to inject arbitrary script or HTML. Being stored, this will impact all users who have permissions to view the vulnerable page.
V…