Aller au contenu
Skip to RECENT-POSTS-2
Skip to SEARCH-2
Skip to CUSTOM_HTML-2
Skip to RSS-5
Skip to RSS-4
Skip to CUSTOM_HTML-14
Skip to META-2
Skip to CUSTOM_HTML-11
Skip to CUSTOM_HTML-5
Skip to CUSTOM_HTML-16
Skip to CUSTOM_HTML-6
Skip to CUSTOM_HTML-7
Skip to CUSTOM_HTML-8
Skip to CUSTOM_HTML-9
Skip to CUSTOM_HTML-10
Skip to TAG_CLOUD-2
Skip to ARCHIVES-2
Skip to CUSTOM_HTML-15
Skip to CUSTOM_HTML-13
Attention à vos informations.
TNT Sécurité
Attention à vos informations.
Shrunk
Expand
Navigation Principale
Open
Liens web
Android
Section Privée
Open
Archives de l'Année
Link to Year Archives
2018
Link to Year Archives
2019
Link to Year Archives
2023
1
2 Articles archivés
2
3
4
5
6
7
8
9
10
11
12
Articles récents
Téléchargez le ISO de Windows 11
Office 2021 Pro LTSC
Hacking — Crypto monnaies — Forum underground — Informations
Comment accéder sécuritairement votre réseau local à l’aide de PiVPN
Comment exploiter une faille de sécurité à l’aide de Metasploit.
Comment utiliser l’API Shodan avec du Python pour automatiser les recherches des périphériques vulnérables
20 commandes essentielles de Meterpreter
Hacker à l’aide de Metasploit et le module Shodan.
L’exploit KRACK affecte tous les périphériques Wi-Fi utilisant le protocole WPA2
Comment hacker Windows à l’aide d’un « Malware »
Search for:
Exploit Database
National Vulnerability Database
CVE-2022-42484
30 janvier 2023
An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2022-38451
30 janvier 2023
A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2022-2988
30 janvier 2023
A CWE-787: Out-of-bounds Write vulnerability exists that could cause sensitive information leakage when accessing a malicious web page from the commissioning software. Affected Products: SoMachine HVAC(V2.1.0 and prior), EcoStruxure Machine Expert – HVAC(V1.4.0 and prior).
CVE-2023-0474
30 janvier 2023
Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. (Chromium security severity: Medium)
CVE-2023-0472
30 janvier 2023
Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Bugtraq
APPLE-SA-2023-01-24-1 tvOS 16.3
27 janvier 2023
Posted by Apple Product Security via Fulldisclosure on Jan 26APPLE-SA-2023-01-24-1 tvOS 16.3 tvOS 16.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213601. AppleMobileFileIntegrity Available for: Apple TV 4K (all models) and Apple TV HD Impact: An app may be able to access user-sensitive data Description: This issue was addressed […]
[SYSS-2022-047] Razer Synapse - Local Privilege Escalation
27 janvier 2023
Posted by Oliver Schwarz via Fulldisclosure on Jan 26Advisory ID: SYSS-2022-047 Product: Razer Synapse Manufacturer: Razer Inc. Affected Version(s): Versions before 3.7.0830.081906 Tested Version(s): 3.7.0731.072516 Vulnerability Type: Improper Certificate Validation (CWE-295) Risk Level: High Solution Status: Open Manufacturer Notification: 2022-08-02 Solution Date: 2022-09-06 Public Disclosure:...
[RT-SA-2022-002] Skyhigh Security Secure Web Gateway: Cross-Site Scripting in Single Sign-On Plugin
26 janvier 2023
Posted by RedTeam Pentesting GmbH on Jan 26RedTeam Pentesting identified a vulnerability which allows attackers to craft URLs to any third-party website that result in arbitrary content to be injected into the response when accessed through the Secure Web Gateway. While it is possible to inject arbitrary content types, the primary risk arises from JavaScript […]
t2'23: Call For Papers 2023 (Helsinki, Finland)
24 janvier 2023
Posted by Tomi Tuominen via Fulldisclosure on Jan 23Call For Papers 2023 Tired of your bosses suspecting conference trips to exotic locations being just a ploy to partake in Security Vacation Club? Prove them wrong by coming to Helsinki, Finland on May 4-5 2023! Guaranteed lack of sunburn, good potential for rain or slush. In […]
Re: HNS-2022-01 - HN Security Advisory - Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm
24 janvier 2023
Posted by Marco Ivaldi on Jan 23Hello again, Just a quick update. Mitre has assigned the following additional CVE IDs: * CVE-2023-24039 - Stack-based buffer overflow in libXm ParseColors * CVE-2023-24040 - Printer name injection and heap memory disclosure We have updated the advisory accordingly: https://github.com/hnsecurity/vulns/blob/main/HNS-2022-01-dtprintinfo.txt Regards, Marco