Free-to-use IOC feed for various tools/malware. It started out for just C2 tools but has morphed into tracking infostealers and botnets as well. It uses Shodan (shodan.io) searches to ...
April 24, 2024
Impact: A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in how the auth chain cover index i ...
April 24, 2024
Flowise version <= 1.6.5 is vulnerable to authentication bypass ...
April 23, 2024
This Metasploit module creates a vsix file which can be installed in Visual Studio Code as an extension. At activation/install, the extension will execute a shell or two. Tested against VSCode 1.87.2 ...
April 23, 2024
SpEL Injection in PUT /api/v1/policies (GHSL-2023-252): Please note, only authorized and admin role users have access to PUT / POST APIs for /api/v1/policies. Non-authenticated users will not be able t ...
April 23, 2024
Security Advisory Description. CVE-2024-21011: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported ...
April 23, 2024
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f04c2ec90b advisory. pgAdmin <= 8.4 is affected by a Remote Code Executio ...
April 23, 2024
Summary: Node.js is used by IBM App Connect Enterprise Certified Container as one of the main runtimes. IBM App Connect Enterprise Certified Container operands are vulnerable to loss of confidentiality ...
April 23, 2024