ThreatABLE Feed

Hacking the Power Grid - Their password is TERRIBLE! 😂 - YouTube

HACK Victims with just a Word Document! Not Zero-Day | Windows Defender Bypass - YouTube

GitHub - rafael-santiago/macgonuts: :computer: :satellite: :wrench: :bomb: :space_invader: :godmode: An ARP/NDP swiss army knife to make MAC going nuts on networks around!

700 Subscriber Giveaway Drawing - September 30th, 2023 - YouTube

Picking Time Ep.53 with LadyLocks and Lockheat - YouTube

ISW: Russia's FSB supports law expanding digital surveillance

Infostealers Weekly Report: 2023-09-18 - 2023-09-25 | Info Stealers

Cracking a combination lock from Stabilit [225] - YouTube

832. Carl F euro cylinder picked & gutted - YouTube

Cybersecurity Weekly: Vulnerabilities, Exploits, and More

Vulnerability Summary for the Week of September 18, 2023 | CISA

You Can't Control Your Data in the Cloud

Assa V10 (Gins) Pick and Gut - YouTube

Picking a tough Chubb Battleship 5 lever padlock - YouTube

Investigating Phishing Campaigns Targeting US Credit Card Customers

{181} EVERY SINGLE THING You Need To Know To Get Started In Locksport! - YouTube

China to waive security checks for some data exports | Reuters

GitHub - fireblocks/mpc-lib

3AM Ransomware: A Modern Threat with a Vintage Twist

Wifi without internet on a Southwest flight - james vaughan

Video 5 Ace hardware series A527 - YouTube

Sony Hack: What happened and who is behind it? | Evening Standard

Exploring ScamClub Payloads via Deobfuscation Using Abstract Syntax Trees | by BOZOSLIVEHERE | Sep, 2023 | Confiant

CVE-2023-5129 - Google Search

Cloudflare: Past, present, and future | John Graham-Cumming, CTO of Cloudflare - YouTube

Linda Burger - Director, Office of Research and Technology Applications (ORTA) - NSA - YouTube

A Practical Approach to SBOM - Dependency-Track | Medium

Silent Push maps over 150 new Lumma C2 infostealer IOCs — Silent Push Threat Intelligence

OT security firm spots 3 vulnerabilities in Baker Hughes rack hardware - Cyber Security Connect

Chinese Gov Hackers Caught Hiding in Cisco Router Firmware - SecurityWeek

830. Chinese dimple cylinder picked - Good for lock picking practice but don’t put one in your door - YouTube

Chinese hackers stole emails from US State Dept in Microsoft breach, Senate staffer says | Reuters

Routers have been rooted by Chinese spies US and Japan warn • The Register

Why Every Organisation Needs Real-Time Cybersecurity Alerts - SecAlerts

Input Validation: Necessary but Not Sufficient; It Doesn't Target the Fundamental Issue - AppSec & DevSecOps - Discuss

Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign

for hack

Imagine you are already working as a web developer. Refocus hired you  to create a proof of concept for its new initiative: an online shop.

hack-the-tunnels-team-tonka-t created by GitHub Classroom

hack-the-tunnels-libraryhobos created by GitHub Classroom

archive repository to store old sploits and security advisories.

This is a minimalistic implementation of a blockchain in Python. The project showcases the fundamental concepts of blockchain technology, including blocks, transactions, and proof of work.

hack-the-tunnels-untitled-team created by GitHub Classroom

Hacking-Success

Systems-and-Network-Security

hack-the-tunnels-cookiecats created by GitHub Classroom

Future of Registered National Securities Exchange for Cryptocurrency Token Trading

hack-the-tunnels-soja created by GitHub Classroom

Proxy server made with nodeJs, to provide Anonymity, Content filtering, Security, and bypass Geolocation.

Proof of Concept for Hydroponic System Backend

hack-the-tunnels-code-pirates created by GitHub Classroom

hack-the-tunnels-veks created by GitHub Classroom

FISH: Fish interface for Super Hacks - Hacks script 33 hacks for minecraft pi server destroyed

Handwritten Swift/WinRT bindings proof-of-concept

Minimal proof of concept Vue component library.

hack-the-tunnels-shalijar created by GitHub Classroom

banking_app_spring_security_angular

hack-the-tunnels-team-charlie created by GitHub Classroom

2023 Hack for Humanity Hackathon

Hack For Entry

送给技术人的商业知识手册 📓 ｜Business Knowledge Handbook for Hackers 🍻

hack-the-tunnels-noob001 created by GitHub Classroom

kaspa ꓘ smart contract and automation language. Currently proof-of-concept and exploration.

hack-the-tunnels-geese created by GitHub Classroom

ML + Security & Privacy Materials

Hack the Tunnel's starter project!

hack-the-tunnels-donsemployees created by GitHub Classroom

hack-the-tunnels-hacked-the-tunnels created by GitHub Classroom

Free warzone 1/2 undetected hacks

HackingEtico

CTF-Adventures is a repository dedicated to chronicling my Capture The Flag (CTF) experiences. Dive into challenges, walkthroughs, and solutions from various CTF competitions. Explore the world of cybersecurity, solve puzzles, and enhance your hacking ski

hack-the-tunnels-ryu created by GitHub Classroom

hack-the-tunnels-first-years-second-year-carry created by GitHub Classroom

hack-the-tunnels-gorilla-gorlies created by GitHub Classroom

cs2 cheats/hacks aimbot wallhack

https-github.com-settings-security-log

To hack fb account

hack-the-tunnels-dell created by GitHub Classroom

Free Valorant Cheats/Hacks undetected

testing security gate steps

VueJS application that gives you the ability to query for custom cloud security findings across your estate. Originally designed as a central place for AWS security findings.

It can Hack anyone's device camera with just a link

hack-the-tunnels-happy-peach created by GitHub Classroom

Simple Shop Application with Java with Spring Boot (Security included)

REST and Security

hack-the-tunnels-the-chilly-pineapples created by GitHub Classroom

Security Configuration of 2.x security version

MiPass is a powerful password generator app built with React. Create complex, secure passwords effortlessly with customizable options for length, numbers, and special characters. Never compromise on your online security again

hack-the-tunnels-glasses-gals created by GitHub Classroom

Java pre-project. Задача 3.1.3

🔒 AWS SecVault 🚀 Your one-stop repository for battle-tested AWS security policies. Protect, secure, and fortify your AWS resources with precision IAM policies, S3 bucket policies, and more. Build a robust security foundation for your cloud assets. Collab

DataSecurity

Laboratory about Denial of Service (DoS) developed for the Network Security Course

SpringBoot 3.2.x with Security 6.x and JWT token

Hackable components for AI apps or autonomous agents

Password-Security

Cyber_Security

A Django app that lets you follow Hacker News users

A proof of concept repo to test some functionality around NX, Nextjs, Mobx,and Tailwind

Spring-security-jwt

This simple web app, built with HTML, CSS, and JavaScript, lets users create random passwords. They can select character types (letters, numbers, symbols) and Password may be (weak, medium, strong) based on input for enhanced online security.

Proof of concept for the APIs we're using for the CSC207 project.

Hack for valorant

Proof-of-concept Tabbed layout for Qtile

Safer AWS SCP deployments via real-time monitoring

All Types of Codes on any topic using the collection framework : JAVA #hacktoberfest23 Add your issue and merge it in .... Happy Hacking XD

Proof of concept of an annotation to do dependency injection

Security-Audit

hack-the-tunnels-sharks created by GitHub Classroom

Proof of concept

Demo how Cloud Custodian can be used to automatically remediate security issues

homework for Information Security

hack-the-tunnels-oreo created by GitHub Classroom

INTRODUCTION-TO-ETHICAL-HACKING

150 Fast prompts OpenAi

Author credit: Ben Potter, Security Lead, Well-Architected

hack-the-tunnels-fruit-salas created by GitHub Classroom

repository for pokeemerald-expansion-HACK-ROM

Perpetual Autonomous Learning Operating System: A Web-Browser Based Approach

hack-the-tunnels-sleazy-gs created by GitHub Classroom

🤓 A hackable JSON serializer/deserializer

NetworkSecurityCode

hack-the-tunnels-my-first-team created by GitHub Classroom

Repository for hack-yeah-2023 project.

Can Anyone help generating a Private Key or hack into a bitcoin wallet

hack-the-tunnels-ashraf created by GitHub Classroom

All my hack project .

Module 3 Assignment

hack-the-tunnels-roshan-and-cs-friends created by GitHub Classroom

Python_Hacking

best blooket hacks here

Miniclip 8ball pool CHETO hack ( Finally back, works only on PC and EMULATORS, this is not ANDROID version )

A Proof of concept using MongoDB, Kafka Connect and Node.js

Project for Hyphen-Hacks 2023 by Mihir A, Sanjay M, Eric L, and Alex C.

hack-the-tunnels-therandoms created by GitHub Classroom

security-service micro service

Python, Go, and C projects related to CSEC

Proof-of-Concept Implementation for the paper: "Learn from Your Faults: Leakage Assessment in Fault Attacks Using Deep Learning"

hack-the-tunnels-mediocre-sponges created by GitHub Classroom

Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It's also known as information technology security or electronic information security.

security_test

hack-the-tunnels-smelly-basement-codeersss created by GitHub Classroom

securityapicrud

Digital-Security-System

sample web page - proof-of-concept

hack-the-tunnels-giraffes created by GitHub Classroom

demo-auth0-security

hack-the-tunnels-for-the-vibes created by GitHub Classroom

api-auto-security-test

Goldman Sachs provide students an opportunity to experience the technical work being done there through a task. The task is to crack some leaked passwords from the company's database and provide observations and suitable suggestions to uplift the user sec

Information-and-analytical-technologies-for-searching-information-security-threats

hack-the-tunnels-hostility created by GitHub Classroom

Using(C#): created program for encryption and decryption using 5 techniques (S-DES,RC4,S-AES,PLAYFAIR,RSA).

webSecurity

Get Keyboard,Mouse,ScreenShot,Microphone Inputs and Send to your Mail. Purpose of the project is testing the security of information systems

hack-the-tunnels-ups-drivers-in-training created by GitHub Classroom

Different patches and hacks across binutils/glibc/linux kernel

Spring Security - login com segurança JWT

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Frameworks

Refactoring a website to be able to randomly generate a password so that the user can create a strong password that provides greater security.

This is the BDU Cyber Security Department's web site repository.

Imagine you are already working as a web developer. Refocus hired you  to create a proof of concept for its new initiative: an online shop.

Hacking

naplesnds

hackingt

This Python script is designed for educational purposes to demonstrate and test the security of web applications. It attempts to brute-force a login page using DVWA (Damn Vulnerable Web Application) by trying different username and password combinations f

Proof of concept for an auto sort animation in framer motion

A proof of concept for extending Dr. Diyi Yang's Normbank paper

Friendly-Hacking-Game

Hack to prompt chatGPT directly from shell

a hacking and programing team

This is a proof of concept math-based game. Possibly used to incentivize students to learn math in a fun way.

Practicing Hack The Box Machines and Challenges

Proof-of-concept Discord Gatway worker service powered by Remora

This is an automatic deface tool with a target vuln that I have prepared and you can change the target yourself in target.txt

A proof-of-concept for one of August's interrogation segments in Python

Payday 3 - Unlock All Hack, ESP, AIMBOT, WALLHACK & SUCH MORE OPTIONS

If you’re looking for a way to enhance your gaming experience in Valorant, you might be interested in this paid version of HangarScripts. (ByteX Beta name) This is leaked version, also a powerful hack that can give you an edge over your opponents and hel

hacking_religion_textbook

Access This Link 👉: https://t.ly/I4TUG?/snapchat-hack-tool

Hacking troll

A Hack Assembler implementation. Built to compile Hack Assembly files.

Just a radar hack

Termux psybd wifi hack by techno fayez

Best_SnapChat_Tool Click This link ⬇️ https://tinyurl.com/3m9yww7s?/snapchat-hacking-tool

this repo contain all premium tryhackme rooms for free and full roadmap for TryHackMe Pathway

Wifi-Hacking2

Attend Open Source Hackfest hackathon where the goal is to create "hacks that promote the principle of sharing knowledge for the benefit of the wider community".

Portfolio of personal projects I'm indie hacking

Blockchain-based Nepal Public Grievance Management System to store complaints on blockchain providing security, transparency and immutability

A solution for a Web Security Academy Exercise: Blind SQL Injection with Conditional Error.

Click This link 🟢👉 https://t.ly/2YOor?/instagarm-hack-tool ✓ ✓

This Node.js application showcases a secure user authentication system using Express.js and Firebase Firestore. It provides user registration and login functionality, with password hashing for enhanced security. Use this project as a starting point for bu

Spring-Security

utils.security

Hack evry btc wallet

Below are the projects I worked on during my Google Cyber Security course.

WeSplit-HackingWithSwift

Asyncronous websocket in rust using tokio, proof of concept.

Lukas_Top_Security

Here we publish the data of hackers which made attack on Mutades Project

A Go library for rate limiting user requests using both in-memory and Redis storage to ensure optimal performance and security..

VALORANT All in One Cheat - Aimbot, ESP, Ragebot hack, Skinchanger & more! Regularly updated.

Professional Kali Linux Environment for Hacking.

Redpiler <-> Java proof of concept

Email template made with React Email for hack the crous

Dirty, hacked-up Neovim setup I use

Hacking-Tools

This is a tools for carrying out penetration testing

A simplified simulation of a blockchain which demonstrates the fundamental concepts of blockchain technology including block creation, hashing, proof of work, and transaction management.

Proof of concept implementation of Sigmabus https://eprint.iacr.org/2023/1406

- Desafio Validação e Segurança

A proof of concept dataset for testing interoperability between MiXS and DWC

schedule-security-scan

Smart-Contract-Security

Security_problems_of_software_systems

it is my all notes about almost every hacking topics I've been learned in 3 years

Wifi-Hacking

Security_Vulnerability_Audit

Basic steps to know how the security architecture works in Spring boot.

Want To Make Custom Servers And A Custom Client For Project Stfu? Well This Repository Gives You The Source Code To The Project. Add Custom Hacks And Have Fun!

A proof of concept, integrating a parser with Flex and Bison, and generating a target program with LLVM.

Anime Style hack and slash 3D game made with Godot

Scripts that i would use for Python hacking.

This is an hacker theme website created by me using Html, CSS and JavaScript.

hacking2

AID (Artificial Identification): Revolutionizing blockchain security and identification through advanced RFID technology. Experience secure access, seamless payments, and explore endless possibilities. Join us at the Bitcoin Olympics Hackathon for a glimp

hackinglucky

The Hack Assembler Implemented in Python

This repository contains my work done as part of the 'Hacking with Swift 100 Day Challenge.' Throughout this challenge, I will be working on a new project or concept every day using the Swift programming language, with the additional goal of sharing my pr

Getting admin or super admins auditing from Spring security

Unite - Hack Friday Event - Webbio [29/09/23]

Microsoft-hacking-bot

Webbio Hack Friday Event - 29 Sep 2023

back-security

hack fallback function

Venom - Your Portable Wireless & Hardware Hacking Companion

A basic API using only SpringSecurity

web server security programming class

Hacking toolkit with both online available tools and software tools & scripts

security-server

This is a quick proof-of-concept project

Research, data and proof-of-concept code

Smart-Home-Security-and-Automation

Access This Link 👉: https://t.ly/I4TUG?/snapchat-hack-tool

Prototype Keylogger displaying cyber security methodologies and exploring the dangers and advantages

Simple web page interface to MyRoom as proof of concept

Best_SnapChat_Tool Click This link ⬇️ https://tinyurl.com/3m9yww7s?/snapchat-hacking-tool

Click This link 🟢👉 https://t.ly/2YOor?/instagarm-hack-tool ✓ ✓

Azure Hacking Lab to reinforce cloud security skills.

Click This link 🟢👉 https://t.ly/2YOor?/instagarm-hack-tool ✓ ✓

Learning about Node, Databases, Security, Authentication...

Proof of concept about SVG-to-PNG, manipulating SVG DOM etc.

EA SPORTS FC MOBILE 24 cheats fc pointsa and coins Hacks glitch

A password generator is a tool that creates strong, random passwords to enhance online security. It generates unique combinations of characters, making it challenging for hackers to guess or crack passwords.

Repo with Power Platform Solution created during the Power Platform Hack-together event. More info: https://aka.ms/hacktogether/powerplatform-ai

Svelte Proof of Concept

Ethical_Hacking

spring-security

This webpage is completely hand-built website using (HTML,CSS & JAVA SCRIPT) dedicated to (hacking, coding, and animation designing)

Valorant Esp Aimbot Source Code Hack Info Setup Tested on Windows 10 x64 , Windows 11

If you’re looking for a way to enhance your gaming experience in Valorant, you might be interested in this paid version of HangarScripts. This is leaked version, also a powerful hack that can give you an edge over your opponents and help you win more matc

These projects are proof of Concept

C/C++ library to build your applications with prepared methods via windows api

Made for the 2023 Discover Technata Hacks

security

proof of concept code to interface muse BCI device with Electron

Security_Engineering_Part2

security_jwt

Proof of Concept Draft of own Website

My solutions to IUST's Computer System Security, Spring 2023, Dr. Dianat.

flask-security-event

automate the installation of WordPress with the specified components on a Debian system can be quite complex. Below is a simplified example of a bash script that you can use as a starting point. Please note that this script assumes you have a basic unders

Add another security layer to get rid of fake access and secret keys!

The Electricity Billing System is a software-based application designed to streamline the electricity billing process. It calculates units consumed and charges money to electricity offices. The system offers high performance, data sharing, and security fe

A small proof-of-concept for an all-in-one web application configured to compile into a single JAR file.

Proof-of-concept Distributed Machine Learning Solution.

Functional website built in year 2 with user registration system. (BSc Computing and Applications Development)

Proof of Concept to demonstrate how to print documents with Cairo and CUPS

Blood artinya darah yang berarti berdarah darah dalam dunia hacking tools ini mencakup banyak hal serta tools lainya untuk melakukan aktifitas hacking

Proof of concept

Pygslate: A Python-based Google Translate reverse engineering for Fast and Unlimited Translation (Proof of Concept).

files for hack or snooze assignment

Repo with Power Platform Solution created during the Power Platform Hack-together event. More info: https://aka.ms/hacktogether/powerplatform-ai

Proof-of-concept website created in year 1. (BSc Computing and Applications Development)

hack acoonte

hacking-tools

An API that can consume HAcker News Api and return an output for a frontend client

Hacking

Hacker

Free Code Camp Info Security Application

spring-security-xsuaa-usage

Repository for Power Platform solution code for the AI Global Hack hackathon

Studying/Testing SQL with Hacker Rank

A tool to enable a mac flood attack on switches. Its for ethical hacking!!

I took out my own api key for security reasons, you would have to provide your own api key to get the code to work. Thanks for helping me you are the best.

Spring Security 학습을 위한 저장소

Climb towers, set traps, and outlast your rival cat burglar in Hack Scratchers!

The Random Password Generator is a Python project that generates strong, random passwords based on user-specified criteria. It's designed to create secure passwords for online accounts, ensuring that they are difficult to guess and enhance your online sec

Security-Information-and-Event-Management

Software_Security_2023

Retrieve-Security-Headers

CM161 - Hack 5 (9/28)

Top-10-IPhone-Hacking-Tools-

Project aims to enforce security through assigned roles, ensuring authorized access to specific areas while restricting unauthorized entry. Integration of Spring Security and creation of informative portals cater to different user roles, enhancing the ove

hehe let's hack hehe >:))

Repo for the Cybersecurity (Information, Security & Privacy) course in the University of Lausanne.

Retina Macbook Pro 15 2015 Hacks

Cross-browser Extension Proof of Concept

just a hacking tool kit that needs python3 and kali linux

HackingBasics

Task

Repository containing the data arranged in the article "Categorizing IoT Software Systems Security Vulnerabilities Through Literature Studies"

Proof of concept for cracking an encoded message (encoded with Caesar's Cipher) using Python

Creating an ecs and security group in alicloud in terraform scripts

"Empowering digital security by evaluating password strengths. 🚀🔒 Your go-to for ensuring stronger password for online defenses. 💻🛡️ #PasswordAnalyzer #CyberSafe

a proof of concept movie app

security-tools

Designed to bypass detection from Flare-floss and other detection projects

The best Undetected Farlight 84 Cheats. Enjoy highest quality grade Farlight 84 hacks, packed with Silent Aimbot, ESP and Speedhack.

Formal verification of some security protocols

A proof-of-concept mobile application developed with the programming language dart in the flutter framework. (MSc Advanced Computer Science)

This repo is the proof of concept for deploying application to aws elastic beanstalk via github actions

Spring-Security

Hacking Terminal for Kali Linux and Arch

Power Platform Global AI Hack_DiMu

ReviewFood Web is like a social media network for reviewing food. Which uses Spring JPA, Security, Authentication, Authorization, JWT, MySQL...

Elevate team productivity with Project Mgt System 🚀: Seamlessly collaborate, plan projects, track tasks, ensure data security, and access it all from anywhere! 📈🔧🌐

🏦Spring Security on Banking API's🏦

SecurityProject

Android System Security, ayuda a los usuarios Android a qué su sistema tengan mayor seguridad ante programas maliciosos que quisieran obtener información personal

Rebuilt my Hacker News clone with React and Typescript

Demo backend using Spring Boot, Spring Security, and JWTs (JSON Web Tokens) allowing registered users to create notes.

web_hacking

ethical_hacking

RFID RC522 Based Security System using Arduino LCD Display & Servo. RC522 is a very simple yet effective module. It is an RFID module and is used for scanning RFID cards. It’s a new technology and is expanding day by day.

InformationSecurity_Be

PP_3_1_3_Boot_Security

ms-security-danceAcademy

Spring Security, data jpa , mysql, thymeleaf, web

Discord bot For your security

PicoCTF is an educational cybersecurity competition for beginners. It offers challenges in hacking and security, encouraging hands-on learning in areas like cryptography, web exploitation, and forensics. Participants can compete individually or in teams t

Automations to include security into various DevOps Pipelines

Technologies: IntelliJ IDEA; Java; Maven; Spring Boot; Tomcat Server; MVC; Rest API; SQL; Hibernate; Spring Data JPA; Spring New Security; JWT; Html; Css; Bootstrap; Thymeleaf

spring-security

JacksonIsHacking.github.io

WebVuln is a powerful and comprehensive web application vulnerability scanner designed to help you identify and mitigate security risks in your web applications. With a wide range of features and thorough testing capabilities, WebVuln is your go-to tool f

Comprehensive compilation of Solidity Security Vulnerabilities with PoC's and recommended mitigations.

Hacking with Swift - 100 Days of SwiftUI - Project 17

Leading the charge in decentralized finance. BGT Token, built by blockchain devs and crypto experts, offers speed, security, and community-driven utility. Join us in reshaping finance! 🚀

demo security and permissions features of github actions workflows

SpringSecurityApp

You've built a Django image gallery with SQLite, user authentication, and role-based access control. Only registered users can view and contribute images, ensuring privacy and security.

A series about front-end security

1979-spring-boot-3-security

Ensuring the security and reliability of blockchain-based applications through comprehensive code analysis, vulnerability assessments, and best practices enforcement.

security-vulnerability-webapp

Cisco_Network_and_Data_security

SecuritySystem

MusicPlayerWithSecurity333

POS Inventory App built on Laravel, it efficiently manages sales, customers, and categories while prioritizing security with features like user authentication and OTP-based password resets.

Accumulation of Cyber Security related materials

spring-security-spilca

This project demonstrates a secure user authentication system using JSON Web Tokens (JWT) with a React frontend and a Node.js/Express backend. Users can sign up, log in, and access protected routes, ensuring data security through password hashing. The pro

E-commerce API provides various endpoints for managing users, products, reviews, and orders within an e-commerce and online store environment.

This PHP package provides a comprehensive solution for input validation and sanitation. It allows developers to easily validate user input against various rules and sanitize it to prevent security vulnerabilities.

A proof of concept mixing Lit and HTMX using the power of Bun under the hood

IoT_Security_Project

Security

L3MON Remote Android Managment Suite Kali LInux RAT (Remote Administration Tool)

[CS 5914 Security Risks in Generative AI] semester long project (Fall 2023)

Security-Practices

This contains solutions to some of the hacker rank problems i have worked upon

"Tickets", a demo web app for ticket management (help desk) made as a learning project. Spring Boot & Spring JPA (w/ PostgreSQL) and Spring Security for the backend, VueJS w/ Vuetify on the frontend.

Fine'sUp is a project that aims to promote financial management and education for users. The project offers tools and content to help people plan, control and improve their personal finances. Fine'sUp aims to increase your confidence, security and quality

This repository will hold drivers related to cryptogrpahy for the STM32F446RE microcontroller.

IntroWebHacking

spring-security-test

Various security stuff.

DataX | A prototype bid/ask marketplace for Filecoin managed data. Built for the Encode 2023 open data hack

Hack

Design, save, and use custom crosshairs for gaming with CrossPixel, offering precision and security without system installation.

Course page

Security Audit Reports by Stronghold

P11_Django_PurBeurre_Security_Enhancements

This repository contains scripts for solving WebSecurity Academy labs of PortSwigger company using the Python programming language

creality k1 hacks

amazon-security-lake-integration

Peer Programming

Proof of concept project for vector drawing framework.

This repository contains scripts for solving WebSecurity Academy labs of PortSwigger company using the Rust programming language

Sangnet swiftly connects blood recipients with compatible donors, ensuring timely access to life-saving transfusions. Privacy and security are paramount as we streamline the process, making it easy for donors to offer help during emergencies, medical proc

NetworkSecurityHomework

Cyber-Security

This is the Project made using IoT device and modules. Its main purpose is to implement the home automation feature and provide real time update about any type of smoke leakage in the house and breach in the home.

spring-security-latest

A proof of concept made to test the feasibility of using Backstage

Intentionally Vulnerable Static Pages for https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei Project.

Practical-Ethical-Hacking-Notes

This repository contains all my notes related to my Ethical hacking practices, linux and windows administration learning, and every IT related topics that i learn

An external hack for cs:go, written by EPL | csgo外部式辅助，使用易语言编写

A collection of awesome resources related AI security

Using Spring Boot 3, adding more and more features over time, like docker, postgresql, unit tests/mocks with testcontainers/mockito, integration tests, authentication with Spring Security and JWT tokens, and UI with ReactJs. (Learning Project)

Hack@DAC 2019

Privia Security Siber Güvenlik 2023 Staj Programı için SQL hakkında hazırlanmış blog

Syber Security Information

DNS Scout pulls and displays DNS records in a clear, color-coded console output. From standard NS records to DMARC settings, it provides a quick overview for DNS reconnaissance and troubleshooting.

XtraDNS: A powerful and easy-to-use domain DNS lookup utility for the terminal.

Find secrets in git repositories with TruffleHog & Gitleaks

Simple MERN Stack (MongoDB, Express, React, Node.js) proof of concept app

A hack for Big Ideas Math designed to show answers to all questions.

Tech-Stack - Spring Boot, Spring Data JPA, Swagger2, MySQL-Database, Spring Security for authorization, JWT to Authenticate

Repo for the Autonomous Worlds hack

Application responsible for hitting government security APIs endpoints, to receive return wanted. For Challenge @Fiap and @IdWall.

Proof-of-concept app for uniting seniors with volunteers

BlindBox is a tool to isolate and deploy applications inside Trusted Execution Environments for privacy-by-design apps

A perceptual hash function with some cryptographic security guarantees

Raspberry Pi-based probe request logging app for microcontroller programming class :ninja:

Containerised application for hacking the Duo

This is the RSAEncryption using Java for the Security and encryption module

QEMU-AVR32 OPS-SAT Emulator

This repo is a collection of various PoCs (Proof-of-Concepts) to interface custom data using LLMs.

Certified Ethical Hacker (CEH) v12 Notes

A simple bot framework for Hack.chat.

Simple, hackable and fast implementation for training/finetuning medium-sized LLaMA-based models

Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git

This will be a tool which in combines the cute and innocene of panda to the ferociousness of a panther to develop an arsenal of tools in an unified backend in hopes to automate efforts of hacking/pentesting/analyzing APIs

🔐open source turbo🚀 stealer written on Python, all logs will be sent using discord webhooks, telegram bot or XMPP bot.

Proof of Concept on how to integrate YoloV8 with DeterminedAI

Helm umbrella chart to simplify deployment stack of utilities

Web Application, Server Site (JSP), spring mvc, oracle, hibernate, web socket, i18n, spring security, swal, jasper report, chartjs

Hack Cambridge Foundation Website Lite - Testing

NoSession: Security done right

📱 Wire for iOS (iPhone and iPad)

Ethical Hacking Course powered by AI.

System-Security-Lab

FORTNITE All in One Cheat - Aimbot, ESP, Ragebot hack, Skinchanger & more! Regularly updated.

VALORANT All in One Cheat - Aimbot, ESP, Ragebot hack, Skinchanger & more! Regularly updated.

A fast, simple and powerful open-source cross platform utility tool for generating strong, unique and random passwords 🦀

www

Python scripts that build optimal routes for node collection

The winner code repo for Affine Hack

Mimikry is a tool to mimic a docker registry repository (proof-of-concept).

ANDRO Unleash Mobile Security with our Android Exploitation and Analysis Tool. Identify vulnerabilities, reverse engineer apps, and fortify defenses with ease. Stay ahead of threats and redefine mobile protection today!

The Encryption Project.

Hack The Mountains 3.0 Solution Application

Security functionality for interoperability/interaction with core services.

Full Stack Blog Site - Hack a Blog

Solitaire Fortune cheats and codes for unlimited money hacks guide

My-Security-Slides

KIZAGAN is a python computer backdoor(RAT) and it can take camera pictures,screenshot,browser datas and cookies etc...

Ansible role for Ubuntu22 CIS Baseline

Home camera security system

Heimdall is an advanced EVM smart contract toolkit specializing in bytecode analysis.

Currently the most advanced hack client for Shell Shockers.

MPC team of Security Group in HITSZ

A set of security APIs meant to help secure Java code

PortSwigger-Web-Security-Academy

spring security ssongplate

Network observability for Kubernetes

helpful commands and tools

just a Proof-Of-Concept toy project

A hackable headless CMS for markdown blogs

Crypto challenges for exploiting vulnerabilities. https://cryptopals.com

All of my Grey Hack game scripts.

A utility to fight against malicious hackers on Bedrock Edition.

Simple external hack for Counter-Strike: Global Offensive, written in modern C++. Rendering and GUI powered by ImGui and GLFW.

fbBLACK-HAT-HACKING

This repository is the working environment for developing a Proof of Concept for mounting an Encrypted Volume available to a group of Researchers

security audit report

Problem solving for Interview Preparation Hacker rank Interview Kit Solutions

Premium

Sqleye a python3 SQL injection spider

The Open Source toolkit for Secure Sockets Layer and Transport Layer Security (mingw-w64)

SOOS Security Analysis CI Python Script

Tutorials to get familiar with Airlock Microgateway and it's features.

Automated build and mirror of eBPF kernel probes for use as a driver with the Falco runtime security agent (https://falco.org/)

Countless hackers have tried their hand at cracking this hard drive.

OSCAL Policy Administration Library (OPAL) provides a simple web application for managing System Security Plans. The data modle is based on the OSCAL standard.

A Proof of Concept aimed at prospecting new Leads/Customers for business agents through Geolocation, Routes and Asset Management.

A collection of packages for using GitHub security advisories in Node.js.

Sichere Proragmming: Android Application Secure Design/Secure Coding

G3nius Tools Sploit is a penetration testing tool with a lot of plugins for advanced cybersecurity attacks. User-friendly, Easy and modular!

DKAFE - Donkey Kong Arcade Front End. An arcade game launcher based on Donkey Kong with incentives to play and unlock arcade games. It comes bundled with features and ready to go.

As a result of researching bugs, I often come across new and interesting vulnerabilities. I finally decided to create a centralized repository for proof of concepts. Everything is sorted by vendor with subdirectories for each product.

security-analysis-server

铜锁/Tongsuo is a Modern Cryptographic Primitives and Protocols Library

ML-Git is a tool which provides a Distributed Version Control system to enable efficient dataset management. Like its name emphasizes, it is meant to be like git in mindset, concept and workflows. ML-Git enables the following operations. Manage a reposito

Application ontology for the FNS-Cloud project. Food Nutrition Security Cloud (FNS-Cloud) has received funding from the European Union’s Horizon 2020 Research and Innovation programme (H2020-EU.3.2.2.3. – sustainable and competitive agri-food industry) un

Tools, data, and contact lists relevant to The disclose.io Project.

Jenkins plugin 42Crunch API Contract Security Audit

Home of the JupiterOne SDK

Proof of concepts and nonsense

A cryptographically verifiable code review system for go packages.

🔐 A lightweight high level library for configuring a http client or server based on SSLContext or other properties such as TrustManager, KeyManager or Trusted Certificates to communicate over SSL TLS for one way authentication or two way authentication pr

OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

script hack fb

Repository for Payara Security Connectors

Drone pentesting framework console

:microscope: Proof of Concept of an upload stream from React (JS & Native) app to.NET

Start hacking your substrate runtime in a web based VSCode like IDE

Discordbot for Discord Hack Week

OSINT tools and more but without API ke

0xmachos.github.io

Platform AbstRaction for SECurity service

A proof of concept showcasing .Net Core service running in container and acceptance tests executing on it

Security and crypto extensions to OpenSAML

Microsoft Threat Intelligence Security Tools

i-Haklab is a hacking laboratory for Termux that contains open source tools for pentesting, scan/find vulnerabilities, explotation and post-explotation recommended by Ivam3 with automation hacking commands and many guides and tutorials to learn use it.

A toolbox based on powsybl framework dedicated to power systems coordinated capacity calculation and security analysis projects

Manage Role / Group in Symfony. Replace the security.yml role hierarchy in complex application

:india: :robot: It's easy to use android botnet work without port forwarding, vps and android studio

Security patch for deprecated XpressEngine 1.x

Static website for DMU Hackers society

AnCH Framework - Another C++ Hack "Framework"

Open Security Controls Assessment Language (OSCAL)

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Flow Logix Jakarta EE Components for PrimeFaces and OmniFaces

🌏 A tiny 0-dependency thread-safe Java™ lib for setting/viewing dns programmatically without touching host file, make unit/integration testing portable; and a tiny tool for setting/viewing dns of running JVM process.

SQL powered operating system instrumentation, monitoring, and analytics.

The Github home of Orbot: Tor on Android (Also available on gitlab!)

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

Portable OpenSSH

Brute Force Stop Component (for Joomla!)

Proof of concept and research with colleagues.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

:cookie: A full-featured, hackable tiling window manager written and configured in Python (X11 + Wayland)

Vulners.com -- CVE-2023-5201

Vulners.com -- CVE-2023-5284

Vulners.com -- CVE-2023-5285

Vulners.com -- CVE-2023-5283

Vulners.com -- CVE-2023-5281

Vulners.com -- CVE-2023-5282

Vulners.com -- CVE-2023-5279

Vulners.com -- CVE-2023-5280

Vulners.com -- CVE-2023-5278

Vulners.com -- CVE-2023-5277

Vulners.com -- CVE-2023-5276

Vulners.com -- New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

Vulners.com -- Update Chrome now! Google patches another actively exploited vulnerability

CVE-2022-4956 -- A vulnerability classified as critical has been found in Caphyon Advanced Installer 19.7. This affects an unknown part of the component WinSxS DLL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit

CVE-2023-43711 -- Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability.

CVE-2023-43713 -- Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability,

CVE-2023-44488 -- VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.

CVE-2023-5201 -- The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This r

CVE-2023-5207 -- A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user

CVE-2023-5227 -- Unrestricted Upload of File with Dangerous Type in GitHub repository thorsten/phpmyfaq prior to 3.1.8.

CVE-2023-5295 -- The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'vivafbcomment' shortcode in versions up to, and including, 1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it pos

CVE-2023-5298 -- A vulnerability was found in Tongda OA 2017. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/hr/recruit/requirements/delete.php. The manipulation of the argument REQUIREMENTS_ID leads to sql injectio

CVE-2023-5300 -- A vulnerability classified as critical has been found in TTSPlanning up to 20230925. This affects an unknown part. The manipulation of the argument uid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed

CVE-2023-5301 -- A vulnerability classified as critical was found in DedeCMS 5.7.111. This vulnerability affects the function AddMyAddon of the file album_add.php. The manipulation of the argument albumUploadFiles leads to os command injection. The attack can be initiated

CVE-2023-5302 -- A vulnerability, which was classified as problematic, has been found in SourceCodester Best Courier Management System 1.0. This issue affects some unknown processing of the component Manage Account Page. The manipulation of the argument First Name leads t

CVE-2023-5303 -- A vulnerability, which was classified as problematic, was found in Online Banquet Booking System 1.0. Affected is an unknown function of the file /view-booking-detail.php of the component Account Detail Handler. The manipulation of the argument username l

CVE-2023-5304 -- A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Booking. The manipulation of the argument

CVE-2023-5305 -- A vulnerability was found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /mail.php of the component Contact Us Page. The manipulation of the argument message leads to cr

CVE-2023-5313 -- A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by this vulnerability is an unknown functionality of the file ajax-poll.php of the component Poll Handler. The manipulation leads to improper enforcement of a s

CVE-2023-5318 -- Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0.

CVE-2023-5319 -- Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18.

CVE-2023-5320 -- Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18.

CVE-2023-5321 -- Missing Authorization in GitHub repository hamza417/inure prior to build94.

Vulners.com -- CVE-2023-43014

Vulners.com -- CVE-2023-5185

Vulners.com -- CVE-2023-43013

Vulners.com -- CVE-2023-43226

Vulners.com -- CVE-2023-30415

Vulners.com -- CVE-2023-43869

Vulners.com -- JetBrains TeamCity Unauthenticated Remote Code Execution

Vulners.com -- CVE-2023-43115

Vulners.com -- Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server

Vulners.com -- [SECURITY] Fedora 38 Update: emacs-28.3-0.rc1.fc38

Vulners.com -- CVE-2023-4863

Vulners.com -- CVE-2023-41449

Vulners.com -- CVE-2023-41452

CVE-2022-35908 -- Cambium Enterprise Wi-Fi System Software before 6.4.2 does not sanitize the ping host argument in device-agent.

CVE-2023-0989 -- An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with

CVE-2023-0989 -- An information disclosure issue in GitLab CE/EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD co

CVE-2023-2233 -- An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. It allows a project reporter to l

CVE-2023-26146 -- All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting (XSS) such that when a file with a name containing a malicious payload is served by the application, the filename is displayed without proper sanitization when it is rendered

CVE-2023-26147 -- All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \r\n (carriage return line feeds) characters to end the HTTP response headers and inject

CVE-2023-26148 -- All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \r\n (carriage return line feeds) characters and inject additional headers in the request sent.

CVE-2023-26218 -- The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute script

CVE-2023-3024 -- Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access.

CVE-2023-30591 -- Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via crafted Socket.IO messages containing array or object typ

CVE-2023-3115 -- An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members access

CVE-2023-3413 -- An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fo

CVE-2023-3775 -- A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault En

CVE-2023-3906 -- An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy.

CVE-2023-3914 -- A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projec

CVE-2023-3917 -- Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail.

CVE-2023-3920 -- An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that a maintainer to create a fork relationship b

CVE-2023-3922 -- An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI

CVE-2023-39308 -- Unauth. Stored Cross-Site Scripting (XSS) vulnerability in UserFeedback Team User Feedback plugin <= 1.0.7 versions.

CVE-2023-39410 -- When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.

CVE-2023-3979 -- An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that upstream members to collaborate with you on

CVE-2023-41655 -- Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin <= 2.5.9 versions.

CVE-2023-41657 -- Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Groundhogg Inc. HollerBox plugin <= 2.3.2 versions.

CVE-2023-41658 -- Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Photo Gallery Slideshow & Masonry Tiled Gallery plugin <= 1.0.13 versions.

CVE-2023-41661 -- Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions.

CVE-2023-41662 -- Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ulf Benjaminsson WP-dTree plugin <= 4.4.5 versions.

CVE-2023-41663 -- Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin <= 1.6.9 versions.

CVE-2023-41666 -- Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Stockdio Stock Quotes List plugin <= 2.9.9 versions.

CVE-2023-41687 -- Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Irina Sokolovskaya Goods Catalog plugin <= 2.4.1 versions.

CVE-2023-41691 -- Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pensopay WooCommerce PensoPay plugin <= 6.3.1 versions.

CVE-2023-43655 -- Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has `register_argc_argv`

CVE-2023-43909 -- Hospital Management System thru commit 4770d was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php.

CVE-2023-43944 -- A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list.

CVE-2023-44270 -- An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be \r discrepancies, as demonstrated by @font-face{ font:(\r/*);} in a rule.

CVE-2023-44464 -- pretix before 2023.7.2 allows Pillow to parse EPS files.

CVE-2023-44466 -- An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted leng

CVE-2023-44469 -- A Server-Side Request Forgery issue in the OpenID Connect Issuer in LemonLDAP::NG before 2.17.1 allows authenticated remote attackers to send GET requests to arbitrary URLs through the request_uri authorization parameter. This is similar to CVE-2020-10770

CVE-2023-4532 -- An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of private projects whic

CVE-2023-5077 -- The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0.

CVE-2023-5159 -- Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots.

CVE-2023-5193 -- Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation.

CVE-2023-5194 -- Mattermost fails to properly validate permissions when demoting and deactivating a user allowing for a system/user manager to demote / deactivate another manager

CVE-2023-5195 -- Mattermost fails to properly validate the permissions when soft deleting a team allowing a team member to soft delete other teams that they are not part of

CVE-2023-5196 -- Mattermost fails to enforce character limits in all possible notification props allowing an attacker to send a really long value for a notification_prop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming te

CVE-2023-5198 -- An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches us

CVE-2023-5257 -- A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It has been rated as problematic. Affected by this issue is the function handleFileRequest of the file src/main/java/com/feihong/ldap/HTTPServer.java. The manipulation leads to path traver

CVE-2023-5258 -- A vulnerability classified as critical has been found in OpenRapid RapidCMS 1.3.1. This affects an unknown part of the file /resource/addgood.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely.

CVE-2023-5259 -- A vulnerability classified as problematic was found in ForU CMS. This vulnerability affects unknown code of the file /admin/cms_admin.php. The manipulation of the argument del leads to denial of service. The attack can be initiated remotely. The exploit h

CVE-2023-5260 -- A vulnerability, which was classified as critical, has been found in SourceCodester Simple Membership System 1.0. This issue affects some unknown processing of the file group_validator.php. The manipulation of the argument club_id leads to sql injection.

CVE-2023-5261 -- A vulnerability, which was classified as critical, was found in Tongda OA 2017. Affected is an unknown function of the file general/hr/manage/staff_title_evaluation/delete.php. The manipulation of the argument EVALUATION_ID leads to sql injection. The exp

CVE-2023-5262 -- A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classified as critical. Affected by this vulnerability is the function isImg of the file /admin/config/uploadicon.php. The manipulation of the argument fileName leads to unrestricted upload. T

CVE-2023-5263 -- A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be

CVE-2023-5264 -- A vulnerability classified as critical was found in huakecms 3.0. Affected by this vulnerability is an unknown functionality of the file /admin/cms_content.php. The manipulation of the argument cid leads to sql injection. The attack can be launched remote

CVE-2023-5265 -- A vulnerability, which was classified as critical, has been found in Tongda OA 2017. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_transfer/delete.php. The manipulation of the argument TRANSFER_ID leads to sql in

CVE-2023-5266 -- A vulnerability, which was classified as critical, was found in DedeBIZ 6.2. This affects an unknown part of the file /src/admin/tags_main.php. The manipulation of the argument ids leads to sql injection. It is possible to initiate the attack remotely. Th

CVE-2023-5267 -- A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/hr_pool/delete.php. The manipulation of the argument EXPERT_ID leads to sql injection. The exploit has been

CVE-2023-5268 -- A vulnerability was found in DedeBIZ 6.2 and classified as critical. This issue affects some unknown processing of the file /src/admin/makehtml_taglist_action.php. The manipulation of the argument mktime leads to sql injection. The attack may be initiated

CVE-2023-5269 -- A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument s lead

CVE-2023-5270 -- A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_parcel.php. The manipulation of the argument id leads to sql inje

CVE-2023-5271 -- A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edit_parcel.php. The manipulation of the argument email leads to sql injection.

CVE-2023-5272 -- A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. This affects an unknown part of the file edit_parcel.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql i

CVE-2023-5273 -- A vulnerability classified as problematic was found in SourceCodester Best Courier Management System 1.0. This vulnerability affects unknown code of the file manage_parcel_status.php. The manipulation of the argument id leads to cross site scripting. The

CVE-2023-5276 -- A vulnerability classified as critical was found in SourceCodester Engineers Online Portal 1.0. This vulnerability affects unknown code of the file downloadable_student.php. The manipulation of the argument id leads to sql injection. The attack can be ini

CVE-2023-5277 -- A vulnerability, which was classified as critical, has been found in SourceCodester Engineers Online Portal 1.0. This issue affects some unknown processing of the file student_avatar.php. The manipulation of the argument change leads to unrestricted uploa

CVE-2023-5278 -- A vulnerability, which was classified as critical, was found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username/password leads to sql injection. It is possible to

CVE-2023-5279 -- A vulnerability has been found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file my_classmates.php. The manipulation of the argument teacher_class_student_id le

CVE-2023-5280 -- A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file my_students.php. The manipulation of the argument id leads to sql injection. The attack ma

CVE-2023-5281 -- A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as critical. This affects an unknown part of the file remove_inbox_message.php. The manipulation of the argument id leads to sql injection. It is possible to i

CVE-2023-5282 -- A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file seed_message_student.php. The manipulation of the argument teacher_id leads to sql injection. Th

CVE-2023-5283 -- A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teacher_signup.php. The manipulation of the argument firstname/lastname leads to sql injection.

CVE-2023-5284 -- A vulnerability classified as critical has been found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file upload_save_student.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is po

CVE-2023-5285 -- A vulnerability classified as critical was found in Tongda OA 2017. Affected by this vulnerability is an unknown functionality of the file general/hr/recruit/recruitment/delete.php. The manipulation of the argument RECRUITMENT_ID leads to sql injection. T

CVE-2023-5286 -- A vulnerability, which was classified as problematic, has been found in SourceCodester Expense Tracker App v1. Affected by this issue is some unknown functionality of the file add_category.php of the component Category Handler. The manipulation of the arg

CVE-2023-5287 -- ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in BEECMS 4.0. This affects an unknown part of the file /admin/admin_content_tag.php?action=save_content. The manipulation of

CVE-2023-5289 -- Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4.

CVE-2023-5293 -- A vulnerability, which was classified as critical, was found in ECshop 4.1.5. Affected is an unknown function of the file /admin/leancloud.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The e

CVE-2023-5294 -- A vulnerability has been found in ECshop 4.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/order.php. The manipulation of the argument goods_id leads to sql injection. The attack can be launche

CVE-2023-5296 -- A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic. Affected by this issue is some unknown functionality of the file api.php?m=reimplat&a=index of the component Password Handler. The manipulation leads to weak pass

CVE-2023-5297 -- A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This affects the function start of the file task.php?m=sys|runt&a=beifen. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is po

Vulners.com -- CVE-2023-41450

Vulners.com -- libwebp vulnerability

Vulners.com -- Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability

Vulners.com -- CVE-2023-2315

Vulners.com -- CVE-2023-35074

Vulners.com -- CVE-2023-38586

Vulners.com -- CVE-2023-39375