Aggregator

Hot TopicsAfter CrowdStrike Crash, Microsoft Mulls New Windows Security Tools A Personally I

Dear blog readers,The following is a compilation of publicly accessible information on cyber jihad

A vulnerability, which was classified as problematic, was found in rxgoogle.cgi 1.0. This affects an unknown part. The manipulation of the argument query leads to basic cross site scripting. This vulnerability is uniquely identified as CVE-2004-0251. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Hot TopicsA Personally Identifiable Cyber Jihadist Domain Portfolio Point Product vs. CDN fo

What is WHAD? The cybersecurity community has published a lot of wireless hacking tools based on various hardware platforms and custom communication protocols specifically designed to work with associated software. This leads to hackers...

The post WHAD: Wireless HAcking Devices appeared first on Penetration Testing Tools.

betterscan-ce It is a Code and Infrastructure (IaC) and Cloud-native Scanning/SAST/Static Analysis/Linting solution using many tools/Scanners with One Report. You can also add any tool to it. Currently, it supports many languages and tech...

The post betterscan: code analysis & automation platform appeared first on Penetration Testing Tools.

This is from the “correct if I’m wrong but this is publicly accessible information so why shouldn’

This is from the "correct if I'm wrong but this is publicly accessible information so why shouldn't

logdata-anomaly-miner This tool parses log data and allows to definition of analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and the lowest possible permissions to make it...

The post logdata-anomaly-miner: parses log data and allows to define analysis pipelines for anomaly detection appeared first on Penetration Testing Tools.

月满人团圆 安全护万家

The Treasury Department on Monday sanctioned five people and one entity tied to the Intellexa Conso

A vulnerability was found in CA Investigation Tool 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file gov.ca.post.lp.itool of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. The identification of this vulnerability is CVE-2014-6799. The attack needs to be initiated within the local network. There is no exploit available.

InForSec祝全球华人学者中秋节快乐，阖家幸福安康！

A vulnerability, which was classified as problematic, was found in Johnson Controls Metasys System and BCPro. Affected is an unknown function of the component Error Handler. The manipulation leads to 7pk error (Technical). This vulnerability is traded as CVE-2018-10624. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Rapid7 Nexpose up to 6.5.50. It has been classified as critical. This affects an unknown part of the component Session Expiration. The manipulation leads to session expiration. This vulnerability is uniquely identified as CVE-2019-5638. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in UltraLog Express Device Management Interface. It has been classified as critical. This affects an unknown part. The manipulation as part of Parameter leads to sql injection. This vulnerability is uniquely identified as CVE-2020-3936. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in MongoDB up to 3.6.14/4.0.12/4.2.0. This issue affects some unknown processing. The manipulation leads to use after free. The identification of this vulnerability is CVE-2019-2393. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in MongoDB up to 3.4.23/3.6.14/4.0.12/4.2.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Message Decompressor. The manipulation leads to denial of service. This vulnerability is handled as CVE-2019-20925. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in MongoDB Server up to 4.4.3. This affects an unknown part of the component Find Query Handler. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2021-20326. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in MongoDB C# Driver 2.12.0. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2021-20331. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.