MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more!
New infosec products of the week: October 4, 2024
October 2024 Patch Tuesday forecast: Recall can be recalled
Best practices for implementing threat exposure management, reducing cyber risk exposure
Cybercriminals capitalize on poorly configured cloud environments
Why your password policy should include a custom dictionary wordlist
DPRK's APT37 Targets Cambodia in Khmer
Recently patched CUPS flaw can be used to amplify DDoS attacks
‘LLM hijacking’ of cloud infrastructure uncovered by researchers
Dutch police breached by a state actor
ANY.RUN Upgrades Threat Intelligence to Identify Emerging Threats
Ukraine-Russia Cyber Battles Have Real-World Impact
DrayTek Routers at Risk From 14 New Vulnerabilities
CISA Adds High-Severity Ivanti Vuln to KEV Catalog
Ivanti warns critical flaws in Endpoint Manager exploited in the wild
Bank of America Outage: Is Your Account Balance Zero? - Security Spotlight
Urgent Security Alert: Critical Ivanti Endpoint Manager Vulnerabilities Discovered - Security Spotlight
Dutch Police: ‘State actor’ likely behind recent data breach
‘Pig butchering’ trading apps found on Google Play, App Store
The Future of AI Safety: What California's Vetoed Bill Means
AI 'Nude Photo Generator' Delivers Infostealers, Not Images
Millions of Enterprises at Risk: SquareX Shows How Malicious Extensions Bypass Google’s MV3 Restrictions
Webinar Announcement: Attack Surface Management to the Rescue – Find, Fix, Fortify Your ASM with Criminal IP
Doppler Launches 'Change Requests' to Strengthen Secrets Management Security with Audited Approvals
FIN7 Hosting Honeypot Domains with Malicious AI DeepNude Generators – New Silent Push Research
Fraudsters imprisoned for scamming Apple out of 6,000 iPhones
Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure
Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks
Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps
CISA is warning us (again) about the threat to critical infrastructure networks
Litespeed Cache Plugin Flaw Allows XSS Attack, Update Now
Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks
New Linux Malware 'Perfctl' Targets Millions by Mimicking System Files
News in the CryptoCurrency category
Linux malware “perfctl” behind years-long cryptomining campaign
Near-'perfctl' Fileless Malware Targets Millions of Linux Servers
Microsoft and US Government Disrupt Russian Star Blizzard Operations
CeranaKeeper Emerges as New Threat to Thai Government Networks
FIN7 deploys infostealers through deepfake nude generator sites
New OT environment security guidelines unveiled by US, allies
Southeast Asia subjected to China-linked data exfiltration attacks
Third-party misconfiguration exposes Latin American banking clients’ data
Thousands of Adobe Commerce e-stores hacked by exploiting CosmicSting bug
The Secret Weakness Execs Are Overlooking: Non-Human Identities
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824)
Intrusions involving critical Ivanti EPM vulnerability underway
Trends: Hardware gets AI updates in 2024
North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks
CUPS vulnerabilities could be abused for DDoS attacks
Darktrace brings real-time cloud detection and response to Microsoft Azure customers
Malwarebytes Browser Guard updates block unwanted and unsafe content
SocGholish Malware in the Healthcare Sector
Why your password policy should include a custom dictionary
Navigating the Security Risks of Multicloud Management
Dragos Expands ICS Platform with New Acquisition
How Communications Companies Can Prepare for Q-Day
Northern Ireland Police Data Leak Sees Service Fined by ICO
Cybersecurity Spending on the Rise, But Security Leaders Still Feel Vu
Five ways to craft a strategic remediation plan
Legit Posture Score empowers security teams to measure and manage their AppSec posture
Private US companies targeted by Stonefly APT
Threat actor believed to be spreading new MedusaLocker variant since 2022
Crypto-Doubling Scams Surge Following Presidential Debate
Email Phishing Attacks Surge as Attackers Bypass Security Controls
FIN7 Gang Hides Malware in AI “Deepnude” Sites
INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa
Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
LockBit Ransomware and Evil Corp Leaders Arrested and Sanctioned in Joint Global Effort
AuthenticID Velocity Checks detects fraudulent activities
Telegram revealed it shared U.S. user data with law enforcement
Spotting AI-generated scams: Red flags to watch for
Three hard truths hindering cloud-native detection and response
15% of office workers use unsanctioned GenAI tools
How to use the Apple Passwords app
Ransomware activity shows no signs of slowing down
Whitepaper: Reach higher in your career with cloud security
China-Backed APT Group Culling Thai Government Data
Facebook
x.com
Pinterest
NSA Releases 6 Principles of OT Cybersecurity
4 Ways to Fight AI-Based Fraud
Docker Privilege Escalation. From normal to R00T user using this… | by Smukx | Oct, 2024 | Medium
Here’s Why I Don’t Suggest People to Get into Cybersecurity | by Sathyaprakash Sahoo | Sep, 2024 | InfoSec Write-ups
Secret Linux Commands: The Ones Your Teacher Never Told You About | by Satyam Pathania | Sep, 2024 | InfoSec Write-ups
Sneaking into your documents: How I hacked DigiLocker? | by Prateek Srivastava | CodeChef-VIT | Oct, 2024 | Medium
Jailbreak your Enemies with a Link: Remote Execution on iOS | by Jacob Bartlett | Sep, 2024 | Level Up Coding
‘MathPrompt’ Embarassingly Jailbreaks All LLMs Available On The Market Today | by Dr. Ashish Bamania | Sep, 2024 | Level Up Coding
On the safe side: Protecting McDonald’s in a dynamic environment | by Global Technology | McDonald’s Technical Blog | Oct, 2024 | Medium
14 DrayTek vulnerabilities patched, including max-severity RCE flaw
Zimbra email platform under active attack, RCE possible
North Korea Profits as 'Stonefly' APT Swarms US Co's.
Unix Printing Vulnerabilities Enable Easy DDoS Attacks
Announcing LOLRMM: A Unified Approach to RMM Software Tracking | by Michael Haag | magicswordio | Sep, 2024 | Medium
Fake browser updates spread updated WarmCookie malware
FIN7 hackers launch deepfake nude “generator” sites to spread malware
Critical Ivanti RCE flaw with public exploit now used in attacks
XSS + OAuth Misconfigs = Token Theft and ATO | by Mahmoud Hamed | Sep, 2024 | Medium
14 New DrayTek routers' flaws impacts over 700,000 devices in 168 countries
US CISA adds Ivanti EPM flaw to its Known Exploited Vulnerabilities catalog
Microsoft Office 2024 now available for Windows and macOS users
ACSC and CISA Launch Critical OT Cybersecurity Guidelines
Cybersecurity Awareness Month: A timely reminder to review your security posture
North Korean's Stonefly shifts from espionage to ransomware, extortion
Fake Trading Apps Target Victims Globally via Apple App Store and Google Play
CF Medical Announces Data Breach Stemming from FBCS Data Breach - Security Spotlight
Feldstein & Stewart Data Breach Letter Sent to 8,171 Individuals - Security Spotlight
New York Sports Club Data Breach: 19,836 Individuals Affected - Security Spotlight
Verizon Outage Leaves Hundreds of Thousands Without Service: What Happened? - Security Spotlight
Wells Fargo Announces Data Breach Cause by Unauthorized Access by Former Employee - Security Spotlight
Decade-Old Linux Vulnerability Can Be Exploited for DDoS Attacks on CUPS
FCC Fines T-Mobile US $31.4 Million for Data Breaches - Security Spotlight
Critical Zimbra RCE flaw exploited to backdoor servers using emails
CISA: Network switch RCE flaw impacts critical infrastructure
Python-Based Malware Slithers Into Systems via Legit VS Code
Stonefly Group Targets US Firms With New Malware Tools
Federal threat sharing system revival promised by CISA
Funding round raises $7M for DefectDojo
Significant global cyberattacks poised to soar
US indicts UK hacker behind insider trading scheme
Rhadamanthys information stealer introduces AI-driven capabilities
Cybersecurity Awareness Month: Cybersecurity awareness for developers
China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration
Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals
Pig Butchering: Fake Trading Apps Target Crypto on Apple, Google Play Stores
Sophos Firewall v21: Streamlined management
Ransomware attack disrupts UMC Health System
Sniper Dz PhaaS platform extensively leveraged in cyberattacks
AI part of substantially updated Rhadamanthys infostealer
Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities
Mario Duarte, Former Snowflake Cybersecurity Leader, Joins Aembit as CISO to Tackle Non-Human Identities
Harmonic Security raises $17.5 million to improve data security for organizations
Metomic Data Classification automates complex data management workflows
PlexTrac unveils new capabilities to prioritize proactive security remediation
Venafi helps organizations solve more machine identity security problems
Concentric AI helps monitor and remediate risky Copilot activity
DrayTek fixed critical flaws in over 700,000 exposed routers
Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues
Manufacturers Rank as Ransomware's Biggest Target
Normalizing Security Culture: Stay Ready
Top 5 Myths of AI & Cybersecurity
80% of Manufacturing Firms Have Critical Vulnerabilities
Microsoft warns of Windows 11 24H2 gaming performance issues
Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!
5 Must-Have Tools for Effective Dynamic Malware Analysis
Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)
Share of Women in UK Cyber Roles Now Just 17%
Meta Teams Up with Banks to Target Fraudsters
Political Manipulation with Massive AI Model-driven Misinformation and Microtargeting
Andariel Hacker Group Shifts Focus to Financial Attacks on U.S. Organizations
Russian Cyber Offensive Shifts Focus to Ukraine's Military Infrastructure
4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed
Catalogic DPX 4.11 strengthens data security
Security Brief: Royal Mail Lures Deliver Open Source Prince Ransomware
Police arrested four new individuals linked to the LockBit ransomware operation
Enveil enables organizations to securely train machine learning models
SAFE X equips CISOs with integrated data from all their existing cybersecurity products
Balbix D3 accelerates vulnerability mitigation
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data
Cybersecurity hiring slows, pros' stress levels rise
Enhancing firewall management with automation tools
Suricata: Open-source network analysis and threat detection
Cybersecurity jobs available right now: October 2, 2024
Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw
What bots mean for businesses and consumers
Arc browser launches bug bounty program after fixing RCE bug
Microsoft fixes Outlook email sending issue for users with many folders
LockBit Associates Arrested, Evil Corp Bigwig Outed
Zimbra RCE Vuln Under Attack Needs Immediate Patching
Pam Lindemoen, CSO & VP, Retail & Hospitality ISAC
Gov't, Judicial IT Systems Beset by Access Control Bugs
Bishop Fox Announces Cosmos Integration With ServiceNow
Kevin Mandia Joins Expel's Board of Directors
Apono Raises $15.5M Series A Funding for AI-driven, Least Privilege Solution Set
Darktrace Announces Acquisition by Thoma Bravo
Evil Corp/REvil malware crime group outed as a family affair
SAP, D-Link flaws among 4 added to Known Exploited Vulnerabilities catalog
Rackspace monitoring data stolen in ScienceLogic zero-day attack
Clumio sold to Commvault in $47M deal
Funding round brings in $20.5M for Apono
UMC Health System diverted patients following a ransomware attack
Evil Corp hit with new sanctions, BitPaymer ransomware charges
Ransomware attack forces UMC Health System to divert some patients
Attackers Targeting Recruiters With More_Eggs Backdoor
British Hacker Charged in the US For $3.75m Insider Trading Scheme
SophosAI at Virus Bulletin ’24: Using multimodal AI as a “sixth sense” for cyber defense
Diehl Defence reportedly attacked by Kimsuky APT
T-Mobile to resolve breach probes with $31.5M settlement
Unsecure Wi-Fi detection included in Microsoft Defender update
AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition
New PyPI Malware Poses as Crypto Wallet Tools to Steal Private Keys
Building Your First Web Application with Yii Framework
K-12 Schools and Libraries $200m Cybersecurity Pilot Program
Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues
Ransomware Attack Forces UMC to Divert Emergency Patients
Evil Corp's LockBit Ties Exposed in Latest Phase of Operation Cronos
What are your pet peeves when it comes to tool selection? – Timothy Ball – CSP #194
U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog
Spooky action: Phantom domains create hijackable hyperlinks
Halcyon offers ransomware protection for Linux environments
Police arrest four suspects linked to LockBit ransomware gang
Infrastructure vs. Runtime — Where Are Your Priorities?
Moving DevOps Security Out of 'the Stone Age'
Reachability Analysis Pares Down Vulnerability Reports
Windows 11 24H2 now rolling out, here are the new features
T-Mobile to Pay $15.75m Penalty for Multiple Data Breaches
Dragos acquires Network Perception to boost security in OT environments
Exabeam introduces AI-driven LogRhythm Intelligence
Red Sift Radar diagnoses issues through AI-powered insights
RSA and Swissbit join forces to secure government agencies
Veeam Recon Scanner identifies adversary tactics, techniques, and procedures
H7CTF — WEB CHALLENGES. No Paste | by Josan George | Sep, 2024 | Medium
Considering a Career in Cybersecurity? Watch Battlestar Galactica First. | by Linda Margaret | Brain Labs | Sep, 2024 | Medium
Explore topics
Medium
Sophos announced as inaugural sponsor of The Hacking Games
Why the US doesn’t need another task force on the Chinese cyber threat
News agency AFP hit by cyberattack, client services impacted
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage
AFP News Agency's Content Delivery Systems Hit by Cyberattack
Use Windows event logs for ransomware investigations, JPCERT/CC advises
Ten Million Brits Hit By Fraud in Just Three Years
ISACA: European Security Teams Are Understaffed and Underfunded
OWG Parallax Private Cloud Desktop simplifies business operations
Does the New Infostealer CAPTCHA Infection Actually Work?
North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence
Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials
Apono raises $15.5 million to accelerate product development
We hacked a robot vacuum — and could watch live through its camera - ABC News
Pwning LLaMA.cpp RPC Server
- YouTube
DOJ, Microsoft seize dozens of domains ‘used by Russian intelligence agents’
- YouTube
Accredible • Certificates, Badges and Blockchain
- YouTube
Does the New Infostealer CAPTCHA Infection Actually Work? | InfoStealers
North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks
Cloudflare Thwarts Largest DDoS Attack in Internet History
A Single Cloud Compromise Can Feed an Army of AI Sex Bots – Krebs on Security
When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying
Attackers exploit critical Zimbra vulnerability using cc’d email addresses
Cybersecurity in Sept 2024-c.pdf - Google Drive
Ransomware Attack in Michigan Cripples Wayne County Government Services
Some Notes on Adversarial Attacks on LLMs - Cybernetist
How the FBI and Mandiant caught a 'serial hacker' who tried to fake his own death | TechCrunch
Experts warn of DDoS attacks using linux printing vulnerability
Lock Down Your Data: Why Every Business Needs a Password Manager Today - CNET
Security is Usability — Examining Cybersecurity Erosion | Pomerium
Russian authorities arrest nearly 100 in raids tied to cybercriminal money laundering | CyberScoop
Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities
- YouTube
Kekz Headphones
Understanding Inconsistencies in IP Address Classification Across Programming Languages | by sockpuppets | Sep, 2024 | InfoSec Write-ups
Telegram Confirms it Gave U.S. User Data to the Cops
Class Pollution in Ruby: A Deep Dive into Exploiting Recursive Merges ¡ Doyensec's Blog
- YouTube
Redirecting to ./059-Private_and_Secure_Fuzzy_Name_Matching
- YouTube
HTTP Parameter Pollution in 2024 ! | by Mahmoud M. Awali | Sep, 2024 | Medium
Exploiting AMD atdcm64a.sys arbitrary pointer dereference - Part 2 - hn security
Paypal Opted You Into Sharing Data Without Your Knowledge
- YouTube
- YouTube
The most immediate AI risk isn't superintelligent bots destroying humanity. There's something else.
Rhadamanthys v0.7: New AI OCR Targets Crypto Seed Phrases
Zimbra - Remote Command Execution (CVE-2024-45519)
Exploiting trust: Weaponizing permissive CORS configurations
Ransomware forces Texas hospital to turn away ambulances • The Register
VESTA Admin Takeover by exploiting bash $RANDOM limitations
GitHub - H4NM/WhoYouCalling: Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
CloudCheck enables users to quickly analyse images and determine if they are AI-generated or manipulated, enhancing trust and security in online media. Powered by cloud-native technologies, it offers fast, scalable, and easy image verification.
Add a layer of security to your discord mod communications
A forensic investigation tool for ethical and security defense use.
Internet Security
This project involves creating a custom VPC with subnets, security groups, a Bastion host, and various EC2 instances to simulate a multi-tier architecture.
Zip Slip is a critical security vulnerability that affects archive extraction libraries.
Analyzing Names from the Social Security Administration using Python to create Data Visualizatioons
An Authentication Token Generator is a security tool used to create unique tokens that authenticate users, ensuring they can securely access resources or services within an application. These tokens replace traditional login credentials during the commun
Proof of Concept for Train Tracker App
A robust Javascript script with various tools for Blooket (including hacks).
cryptography-and-network-security
Spring-security-with-JWT
security resources for myself or anyone can come back to when needed
整合式資安建議系統
🏆 AI + Global Health Hack (3rd place): AI-powered medication adherence assistant using computer vision to help patients stay on schedule and personalize healthcare journeys. Reduces healthcare costs through real-time monitoring and intervention.
Roblox Flee-the-Facility hacks hack cheat cheats FtF Speed-Hack Teleport NoClip God-Mode AutoEscape Instant-Win Fly AutoFind-Exit Unlock-All-Maps Infinite-Stamina AutoSolve-Puzzles NoClipping Teleport-to-Exit
This project analyzes DNS and ICMP traffic logs to identify and resolve accessibility issues for a specific website. It highlights the importance of network traffic analysis in diagnosing DNS resolution failures and improving overall network security.
A simple proof of concept camera application built using gstreamer for Windows
Prova de desenvolvimento fullstack. Consiste em criar uma autenticação jwt utilizando spring boot
Atom crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
network-setup-security
Proof of concept sentiment analysis using python interop
Color Hacks Package
It involves the use of computer vision techniques, specifically face detection, and real-time image processing. Additionally, it includes functionalities such as capturing and saving images, cropping detected faces, and playing an alert sound when faces a
Steganography-Cyber-Security
Roblox Bloxburg hacks hack cheat cheats BB Infinite-Money AutoBuild Teleport God-Mode Speed-Hack NoClip Instant-Work-Completion Infinite-Energy AutoDecorate Instant-Gardening AutoHouse Instant-Cooking AutoComplete-Jobs Free-Bills Unlock-All-House-Items In
Security-Event-Simulation-and-Analysis
proof-of-concept-owlswap
Security Function Key
A series of open source and affordable security cam-esque projects
Microsoft-Word crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Healthcare-security-with-ISO-27001
GuildWars2 hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack GW2
Affinity-Designer crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protecti
A concept proof of Spring Boot and GraphQL API
Hacked israel
Roblox hacks hack cheat cheats aimbot ESP speed fly teleport infinite-jump god-mode no-clip auto-farm auto-collect telekinesis wallhack item-spawn anti-ragdoll super-push kill-aura player-ESP item-ESP auto-heal no-recoil auto-block auto-parry
SpringSecurityDemo
Docker crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Proof of concept of running ECS Netcode Server World on a non-main thread
Warframe hacks hack cheat cheats aimbot ESP wallhack infinite-energy god-mode speedhack no-recoil no-spread triggerbot radar-hack silent-aim infinite-ammo instant-respawn rapid-fire cooldown-hack wallhack infinite-stamina ESP auto-farm auto-heal
Sublime-Text crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Some of the best examples of someone hacking my computer. These are files I found and assume are evil. They are NOT safe unless you are sure you know what you are doing.
.github
Proof-of-Concept brute-force password cracking tool.
Roblox Brookhaven hacks hack cheat cheats BH Fly Teleport Speed-Hack NoClip God-Mode Infinite-Money AutoHouse AutoCar AutoTeleport Unlock-All-Cars Infinite-Speed Free-House-Upgrades Infinite-Energy AutoInteract Free-Premium-House Unlock-All-House-Furnitur
Ignite 2.0 (CSDS) Hack Sprint Relay Hackathon
Roblox Tower-Defense-Simulator hacks hack cheat cheats TDS AutoTower-Upgrade Teleport Infinite-Cash God-Mode Speed-Hack NoClip AutoWin Free-Towers Unlock-All-Towers Instant-Upgrade Infinite-Resources AutoCollect AutoSell Teleport-to-Towers
Proof of concept login with protection research
Documentation of my home lab setup using Elastic Stack and Kibana for security monitoring
A collection of small Unity based projects, features, and proof of concepts.
Roblox Murder-Mystery-2 hacks hack cheat cheats MM2 Aimbot ESP Speed-Hack Infinite-Throw NoClip God-Mode Teleport AutoCollect-Knives Unlock-All-Weapons Silent-Aim AutoWin NoRecoil Teleport-to-Coins Unlock-All-Characters Fast-Kill Infinite-Radar Infinite-T
Dual-Security-System
Trove hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack
Setting Up a Proof of Concept Project with Prometheus and Thanos in GitHub Codespaces 🚀
Vegas-Pro crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Neverwinter hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack
Paladins hacks hack cheat cheats aimbot wallhack ESP no-recoil no-spread triggerbot silent-aim infinite-ammo speed-hack teleport god-mode instant-respawn rapid-fire infinite-abilities cooldown-hack anti-flash anti-smoke player-ESP
MatLab crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Roblox Arsenal hacks hack cheat cheats ARS Aimbot ESP Infinite-Ammo Rapid-Fire Fly NoClip Speed-Hack AutoKill Silent-Aim NoRecoil Unlock-All-Skins Infinite-Health Fast-Reload Infinite-Headshots Unlock-All-Guns AutoWin-Battles Unlock-All-Maps Infinite-Resp
share file without storage bucket (Proof Of Concept)
Roblox Shindo-Life hacks hack cheat cheats SL AutoFarm Infinite-Spins God-Mode AutoRank Fly Teleport Speed-Hack Infinite-Chakra AutoTrain Unlock-All-Jutsus NoClip Instant-Mana AutoLevel-Up Infinite-Stamina AutoComplete-Quests
Mabinogi hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack
secure authentication system using Flask, integrating various best practices and security measures to protect user data. It serves as a foundational framework for developing more extensive web applications with robust security features. Developers can use
ArcheAge hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack
FinalFantasy14 hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack ff14
ChainInsure is a decentralized insurance platform that protects users' digital assets against potential losses from hacks and market crashes when assets are used as collateral in a pool. The project is being developed for a hackathon with key features lik
Adobe-InDesign ID crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protectio
This project implements a machine learning-based Intrusion Detection System (IDS) to enhance network security by detecting cyber threats in real-time. Using Kaggle data, it focuses on high detection accuracy, real-time alerts, and scalability, aiming to s
Security Audit for MyCut Comprehensive audit of the MyCut contest rewards distribution protocol. Achieved 2nd place in the First Flight challenge.
Adobe-Illustrator AI crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protec
RFID-based-security-system
NetGuard - Real-Time Malicious Website Detection NetGuard is an advanced phishing and malicious website detection tool, developed as a Chrome extension powered by AI. The project aims to enhance web security by providing real-time alerts, protecting users
Dota2 hacks hack cheat cheats script map-hack camera-hack auto-last-hit auto-deny skill-shot-hack cooldown-hack gold-hack infinite-health god-mode hero-ESP item-ESP auto-skill-use speedhack teleport-hack invincibility fog-reveal no-cooldown
A professional freelance security service website designed to showcase top-notch security solutions. Features include responsive design, testimonials, team facilities, and a focus on client trust and guard training. Built using modern web technologies.
Planetside2 hacks hack cheat cheats aimbot ESP wallhack no-recoil no-spread triggerbot silent-aim infinite-ammo speed-hack teleport god-mode instant-respawn rapid-fire infinite-abilities cooldown-hack anti-flash anti-smoke player-ESP
Implemented a multimodal biometric user authentication scheme using a deventralized fuzzy valt based on Blockchain technology proposed in research paper.– Improved biometric security based on the solution proposed in the research paper
CorelDRAW crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Automated deployment and testing of NextCloud on bare-metal Kubernetes, integrated with CI/CD for functional, security, and performance validation.
Corel-PHOTO-PAINT crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protecti
TheSims4 hacks hack cheat cheats money-hack needs-hack relationship-hack career-hack skill-hack build-mode-hack free-real-estate motive-hack object-modder trait-modder aspiration-modder infinite-satisfaction teleport-hack CAS-hack pregnancy-hack age-modde
springSecurity_project
Ableton-Live crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Cinema-4D crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Security-Concepts
DxO-PhotoLab crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
AdvancedSecurityProject
PhantasyStarOnline2 hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack
ticket_management_application-w-security-
Affinity-Photo crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Furnify is a full-stack furniture rental platform built with HTML, CSS, JavaScript, React, and 3.js for 3D modeling. Backend is powered by Node.js, PostgreSQL, and RESTful APIs. Hosted on Vercel with Azure Authentication for security. Offers seamless data
GIMP crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
This project is done by the MIIT Cyber Security Club (MCSC).
Security-sample-same-class-for-AuthProvider_-_UserDetailService--Navin-Reddy
DCUniverseOnline hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack
My cyber security project portfolio
Figma crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Cyber-Security-Club
Proof of concept in Java for unit testing
KTU-System-and-Network-Security-Lab
StarWars:TheOldRepublic hacks hack cheat cheats botting speedhack god-mode infinite-health infinite-mana auto-farm quest-hack fly-hack wallhack god-mode instant-respawn auto-loot map-hack mob-ESP resource-ESP cooldown-hack auto-heal skill-hack
SketchUp crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
food-security
A decentralized platform connecting volunteers and freelancers with organizations in need, utilizing blockchain for transparency and security.
Microsoft-PowerPoint crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-prote
Microsoft-Outlook crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protecti
Network-security-config
a repo where Brutal Zip Proof of concept releases will be released for public feedback
An Open-Source device tool for wifi, bluetooth hacking
WorldofWarships hacks hack cheat cheats aimbot ESP wallhack infinite-ammo god-mode speedhack no-recoil radar-hack silent-aim teleport auto-repair auto-reload infinite-fuel ship-ESP no-spread rapid-fire instant-respawn auto-fire WOW
External GFA (on disk) representation of GFA files (proof of concept)
Safely deserialize pickle files.
DeadbyDaylight hacks hack cheat cheats ESP no-cooldown speedhack infinite-health god-mode instant-heal teleport wallhack player-ESP killer-ESP infinite-items skill-check-hack auto-escape map-hack infinite-perks auto-repair instant-break dbd
Git basics, github basics, python error basics!! Let's get hacking on GroundStation :)
Ableton-Live crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
CrossFire hacks hack cheat cheats aimbot ESP wallhack no-recoil no-spread triggerbot silent-aim infinite-ammo speed-hack teleport god-mode instant-respawn rapid-fire infinite-abilities cooldown-hack anti-flash anti-smoke player-ESP
Bravo Security Services ANPR system is a cutting-edge solution that leverages advanced technologies to accurately detect and recognize vehicle license plates. This system is designed to enhance security, streamline operations, and provide valuable data fo
Random Password Generator is a web app built with HTML, CSS, and JavaScript that generates secure 16-character passwords. Users can create two random passwords with a single click and copy them to the clipboard for easy use. This tool ensures strong, uniq
Recourses and PDFs
an simple and written security bot for discord by sebanism
This project demonstrates the integration of security practices into the software development lifecycle using a simple Node.js application. The project includes a CI/CD pipeline configured with GitHub Actions to automate testing, linting, and security sca
WarThunder hacks hack cheat cheats aimbot ESP radar no-recoil wallhack infinite-ammo speedhack god-mode silent-aim auto-pilot infinite-fuel plane-ESP tank-ESP boat-ESP radar-hack auto-reload no-gravity infinite-stamina rapid-fire
Avid-Pro-Tools crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Wondershare-Filmora crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protec
Final-Draft crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
HCMUS-CSC18101-AI-for-Security
Share mathematics on the web with LaTeX and Markdown, with enhanced security.
Proof-of-Concept
EscapefromTarkov hacks hack cheat cheats aimbot ESP wallhack no-recoil no-spread triggerbot radar-hack silent-aim infinite-ammo speed-hack god-mode instant-respawn rapid-fire infinite-abilities cooldown-hack anti-flash anti-smoke player-ESP EFT
Eclipse crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
CallofDutyWarzoneMW3MW2 hacks hack cheat cheats COD Warzone2 MW3 MW2 aimbot ESP radar no-recoil wallhack silent-aim infinite-ammo speed-hack teleport god-mode UAV-hack loot-ESP player-ESP triggerbot auto-fire no-spread rapid-fire anti-aim magic-bullet
Made for RITSEC Red Team - Offensive Security
The Advanced Caesar Cipher Tool integrates the traditional Caesar Cipher with AES encryption to provide enhanced security. This hybrid solution enables secure encryption and decryption of messages, accessible through a user-friendly GUI built with Tkinter
DeadbyDaylight hacks hack cheat cheats ESP no-cooldown speedhack infinite-health god-mode instant-heal teleport wallhack player-ESP killer-ESP infinite-items skill-check-hack auto-escape map-hack infinite-perks auto-repair instant-break dbd
Fortnite hacks hack cheat cheats aimbot ESP wallhack no-recoil speed-hack teleport god-mode infinite-ammo instant-build radar-hack silent-aim auto-revive auto-farm material-ESP player-ESP loot-ESP triggerbot rapid-fire anti-aim item-teleport
Sketch crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Visual-Studio crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
comp547_Cryptography-and-Data-Security
CounterStrike2 hacks hack cheat cheats cs2 cs-2 aimbot wallhack triggerbot ESP no-recoil no-spread bunny-hop spinbot radar-hack anti-aim silent-aim knife-bot auto-pistol auto-strafe grenade-prediction fake-lag anti-flash anti-smoke third-person
Minecraft hacks hack cheat cheats x-ray ESP fly speed auto-build instant-mine god-mode teleport reach noclip fast-place scaffold infinite-health infinite-food radar fullbright anti-knockback chest-ESP player-ESP cave-finder speedmine auto-fish no-fall
INFOSEC, NIST Risk Management Framework, Security Audits, NIST Cybersecurity Framework, Incident Response Playbooks, CISSP, CIA triad, TCP/IP model, Network Architecture, Network Communication, Security Hardening, Network Security, Cloud Networks.
Sony-Sound-Forge crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protectio
Rust hacks hack cheat cheats aimbot ESP wallhack no-recoil no-spread triggerbot radar-hack silent-aim infinite-ammo speed-hack god-mode instant-respawn rapid-fire infinite-abilities cooldown-hack anti-flash anti-smoke player-ESP health-ESP
SeaofThieves hacks hack cheat cheats Sot aimbot ESP wallhack speedhack teleport god-mode infinite-health infinite-ammo no-recoil silent-aim radar-hack auto-loot instant-repair boat-ESP player-ESP chest-ESP fish-ESP infinite-wood auto-bucket sot
udemy_spring_security_secction_19
Roblox Super-Hero-Tycoon hacks hack cheat cheats SHT Infinite-Money AutoCollect Speed-Hack Fly NoClip God-Mode AutoAttack Unlock-All-Superpowers Instant-Build Unlimited-Cash Teleport Unlock-All-Weapons Instant-Skills
Learn from cybersecurity experts at Google and gain in-demand skills that prepare you for entry-level roles like cybersecurity analyst, security operations center (SOC) analyst, and more.
This project is a Java-based client-server application designed for a delivery service. Users can register, view, and delete their accounts while ensuring data security and compliance with GDPR (General Data Protection Regulation). The application utilize
is a PoC exploit targeting a specific vulnerability in the Linux kernel (CVE-2024-0582)
A proof of concept for the Mug Engine University Project
WorldofWarcraft hacks hack cheat cheats wow botting speedhack teleport infinite-health infinite-mana auto-farm quest-hack fly-hack wallhack god-mode instant-respawn auto-loot map-hack mob-ESP resource-ESP cooldown-hack auto-heal skill-hack
LeagueofLegends hacks hack cheat cheats script zoom-hack evade last-hit combo-bot skin-hack cooldown-hack auto-ignite auto-smite vision-hack wall-hack no-CD flash turret-hack auto-heal lane-prediction map-hack ward-ESP skill-shot-dodge lol
Information network security notes
JetBrains-WebStorm crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protect
Suricata - IDS for Network Security Monitoring
my solutions for meta hacker cup
GenshinImpact hacks hack cheat cheats infinite-stamina ESP speedhack teleport infinite-health god-mode auto-loot cooldown-hack infinite-energy auto-heal item-ESP chest-ESP wallhack fly-hack damage-hack auto-quest auto-kill mob-ESP
Cryptography project
java 17, spring boot 3, thymeleaf, mysql, jpa, hibernate, spring security 6, spring boot mail, bootstrap, html, Docker, clevercloud, render
MapleStory hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack
A repository which contains blackhat hacking courses
Zero-Trust-Security-Model
Laryngeal cancer triage proof of concept
automate the boring stuff with python exercise create a minigame in python
Smart Contract Security Testing Guide (SCSTG)
Secure Coding Review Objective: Choose a programming language and application to review for security vulnerabilities. Description: Provided recommendations for secure coding practices using tools like static code analyzers and manual code review.
ITS XSS FOR HACK THE BOX LAB BE CAREFUL
proof of concept
International security and containment assosiation webpage.
eFootball 2025 unlimited coins generator with 300000 coins glitch HACKS for mobile ps5 xbox
Develop a network-based intrusion detection system using tools like Snort or Suricata. Description: Set up rules and alerts to identify and respond to suspicious network activity. Explored techniques to visualize detected attacks. Outcome: Enhanced my und
3D Engine For Cyber Security
Hack private 1.19.2
This project demonstrates the implementation of Spring Security features using Java 21
DemoSpringSecurity
projeto-com-Java-Security
SecurityJourney
A list on basic and advanced security practices focussed on privacy and security
2024-10-Security-part-3
Neighborhood_Watch_Security_App
Project developed for the Systems Security curricular unit where the aim was to create and configure a Linux server that would be securely exposed on the Internet
A proof of concept exploit for Referer-based Cross-site Scripting (XSS)
2024-10-Security-part-2
WordPress Plugin Mirror System Proof Of Concept
Simple movies api / NodeJS & Express.js proof of concept
Nagios check for Cisco IOS with port-security without learned MAC adress
This is a concise documentation of my Security Research journey.
GSM-Based-security-door-alarm-system-using-microcontroller
This is a proof of concept utilizing the concepts of enabling partial branch response on AWS lambdas for retrying failed events.
2024-10-Security-part-1
Spring-Security
Proof of concept applications to test stuff
Security company
SpringBoot-Security-Application
Understanding Currents for Sailing.
Proof of concept for a packaged test suite that uses pytest, Docker Compose, and Selenium
A sample proof of concept application
Hello World Web/App development
social-security-calculator
(yt-dlp) Proof-of-concept RPC server implementation
SecondSecurityApp
Spring RestfulApi , Security , Jwt Authentication , React state
Safety and Security concerns
A messy, proof-of-concept TUI decompiler written in C++
Desarrollo de blog personal con Spring Boot, JPA, Security, MySQL, Thymeleaf y Bootstrap.
Nuclear IT-Hack | MTS Link
Information-Security-Lab
Kia und Hyundai-EV schalten unter 8A auf 2-phasiges Laden. evcc oszilliert. Dieser Hack soll das verhindern
estudos, spring security framework Java.
sq1_security_task
My Mkdocs Blog for Cyber Security
Proof of concept website for testing the Socket.io lib
This project explains login validation as we as securing the method
test-inventario-security
securitysite
SIB5100_Information_Security_and_Management
network scanner is a tool that quickly scans a network for active devices, identifying their IP addresses, hostnames, and operating systems. It's a powerful and easy-to-use tool for network administrators and security professionals. With its simple and in
security-test-b
Fundamentals of Information Security D-430 study resources and GPT prompts.
a grid based game i made in visual studio. there isn't much as it was just a proof of concept for C#'s event based programming.
This repository features a fullstack e-commerce application using Spring Boot for the backend with Spring Security and JWT for authentication, and React.js for the frontend with Redux for state management. Key features include user authentication, product
This project uses OpenCV and deep learning to detect and identify individuals in a room from video or images. By leveraging facial recognition and object detection models (e.g., TensorFlow or PyTorch), it processes streams, identifies people, and tracks
A set of proof-of-concept of a couple of attacks for the minor cyber security
LED-Array embedded rust proof-of-concept on the micro:bit v2
docker-security
a simple audio fingerprintng app that demonstartes who shazam works. It only works for the atttached database of audios but shazam's database is way bigger. This app is just the proof of concept
iot-security-system
Proof-of-concepts
Proof of Concept for MSFT PHI SLMs
AutoBump Discord Self Bot - Proof of concept
GenAlLab-poc is a proof-of-concept project aimed at exploring the capabilities of generative AI. Resources
Improve document security. Create variations using AI. Detect source of leaks
VEX-SECURITY
ApplicationSecurity
A simple tool for transfering data using the DNS protocol.
Space for UX/UI issues in design, draft, proof of concept, or without development implications to iterate
Sample Code developed for proof of concept
security-check-points
Microservice with SpringBoot 3.3.4 with Java 23 and Jakarta EE 10. Microservices with AOP, Exception, Crypto and Security (JWT) Framework.
SpringSecurityImpl
Iris-based-atm-security-system
SecurityPhantom-Force-attacks-on-FTP-and-SSH-services
Roblox Hacks here.
k8s-security-hardening
A collection of cybersecurity scripts for network security, ethical hacking, and cryptography tasks
Proof of concept to rebuild web app for https://ninepro.webflow.io/
RepTest_Security
Codespace powered Akeyless Security Lab-To-Go environment
CyberSecurityApplication
security2
Resources to Learn Hacking
Config files for my GitHub profile.
Linux is an open-source operating system that was initially developed as a free alternative to proprietary Unix-based systems. Linux is known for its stability, security, flexibility, and scalability, making it an ideal choice for DevOps practices.
A Proof-of-Concept for a kids specific browser which provide content-moderation and safe-browsing using Gradio
system api lab de exemplos de configuraçþes de segurança Mule
spring-security
Datacom-Cyber-Security-Job-Simulation
Proof-of-Concept application to intelligently process email order requests and customer inquiries for a fashion store.
The CSRF (Cross-Site Request Forgery) middleware in Lithe is a security layer that protects your application from attacks that attempt to perform actions on behalf of the user without their authorization. These attacks can occur when an authenticated user
This is intended to be the CFRG draft containing security considerations for ML-KEM
Este repo es un blog/portfolio dedicado a la ciberseguridad, donde comparto mis experiencias, aprendizajes y mĂĄquinas CTF de diversas plataformas. AquĂ­ encontrarĂĄs writeups detallados, proyectos relacionados con la ciberseguridad, y artĂ­culos sobre hackin
Spring Security Sample1
Proof of Concepts where we can on Focus Mode in Apple Devices
Proof of concept and C++ pre-cursor to a Real Estate Sales Management System
A web-based messaging application designed for secure communication. The app supports end-to-end encryption for text messages, ensuring data privacy and security. Implemented using modern technologies including Node.js, React, and MongoDB.
Proof of Concept
Proof of concept
What concern you have in mind regarding ICT and Digital Security in Bangladesh?
Netplix 구독형 멤버십 프로젝트로 배우는 Spring Security - 인증서버와 애플리케이션 분리 프로젝트
api-database-security
HACKER RANK
DataSecurity
info-security-design
Honeypot ssh server based on LibSSH.
Default open source projects templates (CONTRIBUTING.md, CODE_OF_CONDUCT.md, SECURITY.md, etc.).
A full-stack online food delivery app with Spring Boot and React along with Spring Security and Payment Gateway
Detecting SQL injections with Dynatrace
This project is a zkDapp project for Level Up Mini-Hack Scroll x Alchemy in which the voting persons are not exposed thanks to zk
CryptiPass is a Go library for generating high-entropy, pronounceable passphrases. It creates secure, human-friendly passphrases by combining randomness with pronounceable word generation, ensuring both security and memorability.
GUI-based multiplication game for my Level 3 Cyber Security course.
This project contains various Proof of Concepts (POCs) implemented using ReactJS to demonstrate core design patterns and functionalities.
A simple and efficient Transaction Management Service developed in Go, designed to facilitate the handling of financial transactions in a scalable manner. This service provides essential functionalities for creating, managing, and monitoring transactions,
cyber_security_bootcamp
MemoryAwareStruct can be used for temporary data storage. This class is designed to manage data in a dictionary with a memory-safe approach and multi-threaded access.
os_security
Spring Boot project including: Spring Boot Core features, JPA/Hibernate, Spring Boot REST CRUD API, Spring MVC CRUD Web App, Spring Security, AOP
ZBrush crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
BladeAndSoul hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack BNS
FinalFantasy14 hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack ff14
WarThunder hacks hack cheat cheats aimbot ESP radar no-recoil wallhack infinite-ammo speedhack god-mode silent-aim auto-pilot infinite-fuel plane-ESP tank-ESP boat-ESP radar-hack auto-reload no-gravity infinite-stamina rapid-fire
AlbionOnline hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack
WorldofWarships hacks hack cheat cheats aimbot ESP wallhack infinite-ammo god-mode speedhack no-recoil radar-hack silent-aim teleport auto-repair auto-reload infinite-fuel ship-ESP no-spread rapid-fire instant-respawn auto-fire WOW
PhantasyStarOnline2 hacks hack cheat cheats ESP auto-loot god-mode infinite-health infinite-mana speedhack teleport cooldown-hack damage-hack wallhack map-hack auto-farm skill-hack item-ESP mob-ESP auto-dodge auto-heal fly-hack radar-hack
Roblox Royale-High hacks hack cheat cheats RH Fly Diamond-Hack AutoFarm Infinite-Energy Speed-Hack Teleport NoClip AutoDress AutoComplete-Quests Infinite-Jumps God-Mode Infinite-Diamonds AutoWin-Pageants Instant-Level-Up Free-Wings Instant-Class-Completio
Paladins hacks hack cheat cheats aimbot wallhack ESP no-recoil no-spread triggerbot silent-aim infinite-ammo speed-hack teleport god-mode instant-respawn rapid-fire infinite-abilities cooldown-hack anti-flash anti-smoke player-ESP
securityteam
PUBG hacks hack cheat cheats aimbot ESP wallhack no-recoil no-spread triggerbot radar-hack silent-aim infinite-ammo speed-hack god-mode instant-respawn rapid-fire infinite-abilities cooldown-hack anti-flash anti-smoke player-ESP health-ESP
Roblox Work-at-a-Pizza-Place hacks hack cheat cheats Work-at-a-Pizza-Place AutoFarm Infinite-Money Speed-Hack Fly NoClip Instant-Delivery AutoCook AutoComplete-Orders Unlock-All-Items Infinite-Cash AutoDecorate Instant-Build Free-Tips AutoServe-Clients Au
Roblox Arsenal hacks hack cheat cheats ARS Aimbot ESP Infinite-Ammo Rapid-Fire Fly NoClip Speed-Hack AutoKill Silent-Aim NoRecoil Unlock-All-Skins Infinite-Health Fast-Reload Infinite-Headshots Unlock-All-Guns AutoWin-Battles Unlock-All-Maps Infinite-Resp
Adobe-InDesign ID crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protectio
Vepar Botnet distributed system to make Distributed Denial of Services Attacks (DDoS)
DaVinci-Resolve-Studio crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-pro
Roblox Tower-Defense-Simulator hacks hack cheat cheats TDS AutoTower-Upgrade Teleport Infinite-Cash God-Mode Speed-Hack NoClip AutoWin Free-Towers Unlock-All-Towers Instant-Upgrade Infinite-Resources AutoCollect AutoSell Teleport-to-Towers
StarWars:TheOldRepublic hacks hack cheat cheats botting speedhack god-mode infinite-health infinite-mana auto-farm quest-hack fly-hack wallhack god-mode instant-respawn auto-loot map-hack mob-ESP resource-ESP cooldown-hack auto-heal skill-hack
Roblox Pet-Simulator-X hacks hack cheat cheats PSX AutoFarm Infinite-Coins Pet-Duplication Instant-Hatch NoClip Teleport Speed-Hack AutoSell Unlimited-Pets AutoCollect Free-Robux Unlock-All-Items Infinite-Energy AutoUpgrade
Microsoft-Excel crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
XAMPP crack keygen serial-key free-download license-key activation-crack cracked-software torrent no-activation-needed patch full-version-free unlocked repack activation-bypass warez key-generator activation-code software-hack bypass-protection
Roblox Bloxburg hacks hack cheat cheats BB Infinite-Money AutoBuild Teleport God-Mode Speed-Hack NoClip Instant-Work-Completion Infinite-Energy AutoDecorate Instant-Gardening AutoHouse Instant-Cooking AutoComplete-Jobs Free-Bills Unlock-All-House-Items In
Planetside2 hacks hack cheat cheats aimbot ESP wallhack no-recoil no-spread triggerbot silent-aim infinite-ammo speed-hack teleport god-mode instant-respawn rapid-fire infinite-abilities cooldown-hack anti-flash anti-smoke player-ESP
Nuclear IT Hack с задачей "МТС Линк. Использование ИИ в продукте"
security-web
Roblox Tower-of-Hell hacks hack cheat cheats TOH Fly Teleport-to-Finish NoClip Infinite-Jumps Speed-Hack AutoLevel-Skip God-Mode Freeze-Time AutoClimb Teleport-to-Players Disable-Obstacles AutoComplete-Levels Unlock-All-Towers Infinite-Currency No-Gravity
Rust hacks hack cheat cheats aimbot ESP wallhack no-recoil no-spread triggerbot radar-hack silent-aim infinite-ammo speed-hack god-mode instant-respawn rapid-fire infinite-abilities cooldown-hack anti-flash anti-smoke player-ESP health-ESP
first-spring-security-app
Our Apex Legends hacks and cheats stand out as some of the most accessible and dependable options in the online realm. Sign up on our platform, ascend to VIP membership, and acquire access to our suite of hacks. With our instant delivery system
1.8.9 hacked client mainly centered and mastered for ghost cheating on hypixel duels, but some blatant features, staff detector, disablers ect
security-module
Game Cheat Imgui Hack Menu Cpp
terraform-aws-security-group
This is a Python-based blockchain node implementation using post-quantum cryptography, designed as a proof of concept for integrating more secure cryptographic functions into blockchain systems. Developed for NYCHAQ, a quantum computing hackathon, this cl
Project for cyber security notes and related content.
Scripts to gather information about Clients (for Offensive-Security)
Atricore: Enhancing Security through MidPoint and SIEM Integration Webinar
In this project I enhanced the efficiency of Security Operation Centers (SOCs) by developing a machine learning model that can accurately predict the triage grade of cybersecurity incidents happens in microsoft.
Copilot-for-Security-Plugins
Some scripts in Python for ethical hacking
A powerful NodeJS-based thief designed to extract data from Chromium and Firefox-based browsers. Malware that steals all tokens, cookies, wallets, and more... it steals all disks and system users.
security con jwt
TooDoo is a simple personal to-do application hosted through backend REST API complete with security features.
InterRIoT-2024S2-FastAPI-Security-1-PBAC
codehawks-security-portfolio
Api_securitytest_framework
A decentralized voting application built with Next.js for the frontend and Kalp Studio for the Smart Contract. This app allows users to cast votes for candidates, retrieve real-time results, and ensures transparency, security, and immutability in voting t
Educational command line hacking.
This project is about setting up a Metasploitable 2 virtual machine and a Kali Linux virtual machine in VirtualBox. Then doing some basic hacks on the Metasploitable VM. Then doing a Nessus scan to create a vulnerability report.
InformationSecurity
ComputerSecurityEduLabsAndProjects
Proof of concept for monitoring Odoo with Grafana
Implementation of a secure messaging service and development of an automated tool for analyzing email attacks, designed for SOC (Security Operations Center) analysts.
The HTTP Header Security Scanner is a powerful tool designed to analyze and evaluate the security headers of websites. It provides both single URL and bulk URL scanning capabilities, along with an analytics dashboard for holistic header security insights
dtl-ms-security
Upcoming Hack Club YSWS where you can rice your Linux desktop and submit your dotfiles to get free programmer socks
Summarize Hacker News by first extracting/summarizing (w/OpenAI) each thread and all resources before creating overall outline
What's going on down there? Kernel sniffing using eBPF.
computer_security_final_project
Plugin for Caldera
Motion detection
These are all of my security audits, incident reports, and presentations I've created for simulated cybersecurity situations . These documents are intended to demonstrate my knowledge in cybersecurity, and to show that I can fulfill the neccessary duties
The AWS S3 Bucket Auditor is a Go-based command-line tool that performs a comprehensive security audit of your Amazon S3 buckets. It integrates with AWS Macie to check for sensitive data, providing intelligent insights while ensuring data privacy and secu
Hack A Boss - Learning Python 3
Proof of concept for fusing 2 Roboflow AI Models and running completely offline with Python (native GUI)
Repo for Copilot for Security plugins
GreenhouseSecurity
hacking
A knowledge source about TTPs used to target GenAI-based systems, copilots and agents
Certified Ethical Hacker (CEH), ISC2 CC, and LetsDefend SOC Analyst Badges.
hack club hackpad!!!
A macropad (mini-keyboard) You Ship, We Ship (YSWS) by Hack CLub
Deep Learning roadmap I made to help the members of Hack Club Colts Neck self-study.
CTU Hacking && Algorithm Club ICPC, OLP Training
Homebrew tap for vivaria, METR's AI evaluation tool
Disclaimer: use this script for educational purpose only & don't use this script for illegal hacking.
This repository is for storing labs on the subject "Security and data protection"
A tool for managing employee accounts, profiles, attendance, salaries, and leave requests. Includes secure login, audit logs, and strong system security. User-friendly for both admins and employees.
Proof of Concept by the EcoCommons Australia team on how EcoCommons outputs can be integrated into Marxan Platform
Rough implemention of baseline model of Chen (2010) - A Life-Cycle Analysis of Social Security with Housing
A small proof of concept library that allows users to build colour spaces from small reuseable chunks as opposed to creating monolithic config files
ecen522r-hw-security
Proof-of-concept PWA for NeoLens.ai
The Secure Chat App is a real-time messaging application designed with security and privacy in mind. It leverages WebSockets for efficient, low-latency communication and employs RSA encryption to ensure that messages are securely transmitted between clien
spring-security-api
GitHub Action to filter comments for suspicious content.
Ejemplo de utilizacion de spring security para la autenticacion de los usuarios
Password Genie is a web project developed in Angular that provides a web tool for generating customizable passwords, as well as a tool for checking password security and offering other security tips.
Network_Security
Network_Security
Security solution for Minecraft
This is a little project I'm doing to grasp my understanding on spring and spring boot basics, spring security and building RESTful APIs.
Apirest de autenticacion JWT (Json Web Token) con Spring Security. Java, Springboot, MySQL.
Minimum Security Requirements for Space Cybersecurity
Security-Audits
这个Python程序是一个强大的哈希生成器,它结合了15种哈希算法和独创SNF技术,以生成强壮而安全的哈希值。
Complete instagram phishing page.
Proof of concept to demonstrate a RESTful API using APIM
The best flashing tool available on the internet. Coin Flashr is a software application that provides Proof-of-concept Bitcoin flashing, and USDT flashing. Available for PC, android and IOS.
The Passgerator is a simple, secure and robust random password generator.
Open source O-RAN 5G security testing tool
security-jwt-token
Proof-of-concept gir parser developed in Vala
Cyber Security
security-compliance-toolkit
AB-testing-proof-of-concept
🏴‍☠️ Hacking Guides, Demos and Proof-of-Concepts 🥷
Proof of Concept Viewer for the browser
alfa-security
A collection of functions that call the SailPoint Identity Security Cloud API.
Web-Security-Academy
BusinessAppSharpBuilder is a framework that runs on .NET 8. It is designed to speed up the development of business-oriented from a back-end viewpoint.
security-pipeline
Phishing tracker is a web application designed to combat phishing threats by providing a secure platform for tracking and analyzing phishing events. It adheres to best security practices (OWASP Top 10, Secure Coding Practices, API Security) to safeguard
Simple flexible and portable CV as website with general info, skill and experience description
PermGuard: Open Source Authorization for Multi-Account, Multi-Tenant with Policy-as-Code
Android WebView wrapper with secure defaults to avoid security issues caused by misconfiguring WebViews.
A proof-of-concept version of the Effection API based directly on delimited continuations that observe structural concurrency guarantees
Cryptography-Information_Security
Welcome to the BraniacWiz Quiz Game, a decentralized application built on the Ethereum blockchain platform. This quiz game allows users to create and participate in quizzes while leveraging the security and transparency of blockchain technology. Dive into
Mirror of my Website.
🚀 Enterprise-grade Android Monitoring with Elastic: Streamline Fleet Management and Security Insights. 📊
The Happy Birthday Box is an offensive social engineering multi-tool for Windows that combines an email spoofer, a SMS spoofer and a voice cloner in a single application.
Various standard/custom RL environments for proof of concept
The africana-framework is a software designed for network & web hacking by automating as much stuff as possible to detect vulnerabilities on most common services and web technologies. It also has some wide range of penetration testing from internal networ
Charudatta's blog, hosted on GitHub, features a collection of insightful articles and musings. Charudatta, an AI-ML engineer from India, delves into topics like privacy, data security, and GANs. With a focus on open source and a penchant for learning, Cha
Proof of concept for integrating Doctrine ORM into TYPO3 / Extbase
Anaconda scripts for dynamic partitionning and ANSSI security profile support
Open Source FiveM Anticheat, Panel and Bot project! Give us a Star ;)
A repository dedicated to maintaining a secure, stable environment by pinning critical library versions to protect against vulnerabilities and ensure compatibility.
The open source Tines / Splunk SOAR alternative.
a description and proof-of-concept of a proposed flavor of markdown for end-users on social websites
Proof of Concept Project; a user - ChatGPT (GPT-4) search query application, using Flutter, .NET, and ChatGPT. The app consists of 4 main components; the C# .NET backend server connected to a SQL Server Database and ChatGPT Api, with the Flutter client ap
Epistemic Logic with Actions for Security Protocol
A java API with Spring Boot 3, Spring Security 6, Swagger/OpenAPI 3, Logstash, Consul and Keycloak
A public repository for general guidance and thoughts on managing and updating z/VM security. This probably should have been a blog.
Aqui vou deixar conteúdos e trilhas de estudo sobre Cyber Security com foco principal em operaçþes de Red Team, mas antes de adicionar conteúdos avançados irei deixar toda a base para que você posso dominar esse campo.
web-security
The "aws-account-baseline" is an open-source Terraform module designed to provide a standardized foundational setup for AWS accounts. This module ensures that key security and management configurations are consistently applied across all your AWS accounts
API Returning/Manipulating Resources and Validating Input; Services, Dependency Injection and Entity Framework Core; Searching, Filtering, and Paging Resources; Securing, Versioning, Documenting and Rate Limiting API; Unit Testing; Consuming API with Http
Securing a MudBlazor UI web application using security headers and Microsoft Entra ID
This is a curated list of awesome security tools used by analyst on the daily basis for Blue & Red Teaming Teaming.
Collection of Microsoft Identity Threat Detection and Response resources.
Emburse Responsible Disclosure Program - Security.txt
Security Presentations
A blog page that created with the MERN stack with great security with cookies and credentials
TU Dublin - Cyber Security
Repository for hosting security related PowerShell scripts.
📘 Anki's version of OWSAP Top 10. The OWASP Top 10 🪲 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.
A Minecraft plugin that enhances your server's security.
Various Proof of Concepts
Generate robust, random passwords to fortify your online security. Don't be a victim of cyber attacks.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Proof of concept how to handle custom per diem rate requirements
Resonance Security public audits
Xygeni platform - software supply chain security
A .NET tool for encrypting .NET user-secrets using SOPS
Orchestration and Automation Rules engine for Security GRC
azure-security-review
SCuBA Secure Configuration Baselines and assessment tool for Google Workspace
My first project!!! For hacks-for-hackers.
kani (カニ) is a highly hackable microframework for chat-based language models with tool use/function calling. (NLP-OSS @ EMNLP 2023)
Proof of concept profile fitting and integration with neural nets
Java Proof of Concepts and Competitive programming
Reverse engineering and hacking 10th generation Honda Civic headunits
Modules for security audits
Flowpipe is a cloud scripting engine. Automation and workflow to connect your clouds to the people, systems and data that matters.
Open-source home security system
A symfony chatbot Proof of concept, by using botman lib, Sonnet 3.5 Anthropic model, YoutubeV3 api and other apis.
PREVENTS/AVO multidisciplinary graphing (proof-of-concept)
Secure firmware framework focusing on developer experience
Guide for hacking your reMarkable tablet
Cyber Security Awareness Framework (CSAF)
A collection of acronyms from business, technology, infosec, and engineering
Exploring the physical limits of trusted hardware in the classical and quantum settings to achieve security through physics.
A Discord-like chat application optimized for security, stability, speed, and ultimate customization.
Enables best security practices for your project from day zero.
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
The compilation of filters for AdGuard Home🚧
For hackers by Hacker.This tool is used for hacking and made easy for everyone this tool is based on Arch_linux.
A high-performance, modern, C++20 library designed around game hacking
Embed a ZIP or JAR file within a PNG image to create a tweetable and "executable" PNG-ZIP polyglot image file.
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
Cyber Security Notes, Methodology, Resources and Tips
a framework for building java codemods
Automation to assess the state of your M365 tenant against CISA's baselines
Proofs of Concept
Sharing our knowledge and resources in the field of cyber security.
A Giant Swam App for deploying the Aqua Security Trivy operator
This repository contains a simple geolocation api microservice, fast, reliable, Kubernetes friendly and ready written in go as a proof of concept.
GBA ROM hack of PokĂŠmon Emerald with a brand new region and a darker storyline. Built with the pret pokeemerald decompilation project.
Go implementation of Tink
Hacker News
SecuritySnack data that doesn't fit into a single tweet.
autumo beetRoot - Slim & Rapid Java Web Framework
:gem: RapidFort hardened secure images
pypi-zope.security
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
Cybersecurity framework developed in C, Ansi-style
The repository of NexNix, an operating system aimed to be fast and secure, with the right balance of simplicity and power
A GitHub Action for authenticating to Google Cloud.
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and res
Enhance NGINX Observability and Security with Datadog's Module
🔏 Create an RFC 9116 compliant security.txt file.
PostgreSQL extension that secures a cluster on a cloud environment
All projects related to Cyber Security
A personal portfolio relating to cybersecurity and hacking
A collection of hacks, mods, tools, tips & tricks, specifically focused on the reMarkable 2
Spring Boot RSoket Example with security.
Feedback and support for HacKit, a native macOS Cocoa app for reading Hacker News.
:octocat: Github action to run PyCQA's bandit security linter.
ColecciĂłn de cheatsheets de varias herramientas.
Java client libraries and example applications for the Ubiq Security Platform (Mirror of https://gitlab.com/ubiqsecurity/ubiq-java)
ESLint Plugin focused on common security issues and misconfigurations.
RAm-only chaT. Inspectable code and industry standard encryption.
Elastisys Compliant Kubernetes is an open source, Certified Kubernetes distribution designed according to the ISO27001 controls: providing you with security tooling and observability from day one.
A personal list of various resources for those who are interested in learning about infosec and hacking and keeping themselves up to date. This is by no means a complete nor fresh list, but I occasionally add entries to lists.
山姆的IT日常
Webshop Security ScannerThis tool can be useful for security researchers or website administrators to analyze and gather information from target websites
Monitor your javascript files and detect unauthorized changes.
Labs and modules in the foundational skills for cyber security, intended to augment the SANS Cyber Aces modules
Information security and quality assurance certification projects.
Workshops organized to introduce students to security, AI, blockchain, AR/VR, hardware and software
OpenID, OAuth 2.0, SCIM2.0, UMA2.0, FAPI, CIBA & OPENBANKING Framework for ASP.NET Core
A quick, handy little utility written on Parrot Security for managing CUPS
This is a simple apache2 control script to save a little typing for Parrot Security OS users.
🐳 VMs are bloat. Dockerise your VAPT environment
Tfsec is now part of Trivy
Official website of the European Initiative for Security Studies
Token-based authentication using Spring Boot and JWT
Nextcloud Security Scan monitoring for Zabbix 3.4+
HackerOne "in scope" domains
A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
Log of Hacker News submissions and comment threads https://westurner.github.io/hnlog
Low interaction MySQL honeypot written in C
Immunization Information System Kernal - Proof of Concept
CSCD27 Computer and Network Security
:elephant: :busts_in_silhouette: Manage PostgreSQL roles and privileges from YAML or LDAP
This is a proof of concept for device discovery using Hue IDs in order to connect with a custom logic module inside the Gira Homeserver
Privacy and security enhanced releases of Chromium for GrapheneOS. Vanadium provides the WebView and standard user-facing browser on GrapheneOS. It depends on hardening in other GrapheneOS repositories and doesn't include patches not relevant to the build
A general repository of code security and building secure applications
A cross-platform browser fuzzing framework
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com
[proof-of-concept] WebChimera.js GStreamer editon
Setting Visual Studio startup projects by hacking the suo
Security library for Sparkjava: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
OpenStack Security Advisories. Mirror of code maintained at opendev.org.
:closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily
AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project
An Emacs framework for the stubborn martian hacker
HTTP query protocol with proof-of-concept implementations obtaining subsets of remote HTML data via XPath or CSS Selectors
Bridge from the pac4j security library to Spring Security (reactive)
YaST module security
CVE-2024-44204 -- A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver.
CVE-2024-44207 -- This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. Audio messages in Messages may be able to capture a few seconds of audio before the microphone indicator is activated.
CVE-2023-37822 -- Eufy HomeBase 2 model T8010X v3.2.8.3h was discovered to use the deprecated wireless protocol WPA2-PSK.
CVE-2024-0123 -- NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit
CVE-2024-0124 -- NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a lim
CVE-2024-0125 -- NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a
CVE-2024-25590 -- An attacker can publish a zone containing specific Resource Record Sets.
CVE-2024-34535 -- In Mastodon 4.1.6, API endpoint rate limiting can be bypassed by setting a crafted HTTP request header.
CVE-2024-36474 -- An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory
CVE-2024-39755 -- A privilege escalation vulnerability exists in the Veertu Anka Build 1.42.0. The vulnerability occurs during Anka node agent update. A low privilege user can trigger the update action which can result in unexpected elevation of privilege.
CVE-2024-41163 -- A directory traversal vulnerability exists in the archive download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of arbitrary files. An attacker can make an unauthenticated HTTP request to exploit thi
CVE-2024-41583 -- DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to stored Cross Site Scripting (XSS) by authenticated users due to poor sanitization of the router name.
CVE-2024-41584 -- DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation of the sFormAuthStr parameter.
CVE-2024-41585 -- DrayTek Vigor3910 devices through 4.3.2.6 are affected by an OS command injection vulnerability that allows an attacker to leverage the recvCmd binary to escape from the emulated instance and inject arbitrary commands into the host machine.
CVE-2024-41586 -- A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute arbitrary code via a long query string to the cgi-bin/ipfedr.cgi component.
CVE-2024-41587 -- Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6.
CVE-2024-41588 -- The CGI endpoints v2x00.cgi and cgiwcg.cgi of DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strncpy function.
CVE-2024-41589 -- DrayTek Vigor310 devices through 4.3.2.6 use unencrypted HTTP for authentication requests.
CVE-2024-41590 -- Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6.
CVE-2024-41591 -- DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.
CVE-2024-41592 -- DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs.
CVE-2024-41593 -- DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of a _memcpy call, leading to a heap-based Buffer Overflow
CVE-2024-41594 -- An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.
CVE-2024-41595 -- DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations.
CVE-2024-41596 -- Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of improper retrieval and handling of the CGI form parameters.
CVE-2024-41922 -- A directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can result in a disclosure of arbitrary files. An attacker can make an unauthenticated HTTP request to trigger
CVE-2024-41925 -- The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user input, allowing an attacker to traverse directories, bypass authentication, and execute remote code.
CVE-2024-41987 -- The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative pr
CVE-2024-41988 -- TEM Opera Plus FM Family Transmitter allows access to an unprotected endpoint that allows MPFS File System binary image upload without authentication. This file system serves as the basis for the HTTP2 web server module but is also used by the SNMP module
CVE-2024-42415 -- An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer
CVE-2024-42417 -- Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product.
CVE-2024-42504 -- A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a Cross-Site Request Forgery (CSRF) in the login flow.
CVE-2024-43699 -- Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may be able to exploit this issue to obtain records contained in the targeted product.
CVE-2024-45367 -- The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password.
CVE-2024-45870 -- Bandisoft BandiView 7.05 is vulnerable to Incorrect Access Control in sub_0x3d80fc via a crafted POC file.
CVE-2024-45871 -- Bandisoft BandiView 7.05 is Incorrect Access Control via sub_0x232bd8 resulting in denial of service (DOS).
CVE-2024-45872 -- Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub_0x410d1d. The vulnerability occurs due to insufficient validation of PSD files.
CVE-2024-46658 -- Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629 was discovered to contain an authenticated command injection vulnerability.
CVE-2024-47134 -- Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Softwar
CVE-2024-47135 -- Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming
CVE-2024-47136 -- Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software
CVE-2024-47554 -- Uncontrolled Resource Consumption vulnerability in Apache Commons IO.
CVE-2024-47561 -- Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code.
CVE-2024-47614 -- async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustion, and User Experience Degradation. This vulnerability i
CVE-2024-47617 -- Sulu is a PHP content management system. This vulnerability allows an attacker to inject arbitrary HTML/JavaScript code through the media download URL in Sulu CMS. It affects the SuluMediaBundle component. The vulnerability is a Reflected Cross-Site Scrip
CVE-2024-47618 -- Sulu is a PHP content management system. Sulu is vulnerable against XSS whereas a low privileged user with access to the “Media” section can upload an SVG file with a malicious payload. Once uploaded and accessed, the malicious javascript will be executed
CVE-2024-47762 -- Backstage is an open framework for building developer portals. Configuration supplied through APP_CONFIG_* environment variables, for example APP_CONFIG_backend_listen_port=7007, where unexpectedly ignoring the visibility defined in configuration schema.
CVE-2024-5803 -- The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to escalate privileges via an COM hijack in a time-of-check to time-of-use (TOCTOU) when self protection is disabled.
CVE-2024-7825 -- Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrUrl.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2
CVE-2024-7826 -- Improper Check for Unusual or Exceptional Conditions vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM, 64 bit, 32 bit (wrURL.Dll modules) allows Functionality Misuse.This issue affects SecureAnywhere - Web Shield: before 2.1.2.3.
CVE-2024-8159 -- Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver.
CVE-2024-8352 -- The Social Web Suite – Social Media Auto Post, Social Media Auto Publish plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.1.11 via the download_log function. This makes it possible for unauthenticated attac
CVE-2024-8508 -- NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a co
CVE-2024-9100 -- Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to Path traversal.
CVE-2024-9266 -- URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the Express Response object. This issue impacts Express: from 3.4.5 before 4.0.0.
CVE-2024-9313 -- Authd PAM module before version 0.3.5 can allow broker-managed users to impersonate any other user managed by the same broker and perform any PAM operation with it, including authenticating as them.
CVE-2024-9460 -- A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to sql injection. It is possible to launch the att
CVE-2024-20365 -- A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system an
CVE-2024-20385 -- A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard Orchestrator (NDO) could allow an unauthenticated, remote attacker to intercept sensitive information from an affected device. 
CVE-2024-20393 -- A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate privileges on an affected device.
CVE-2024-20432 -- A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device.
CVE-2024-20438 -- A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device.
CVE-2024-20441 -- A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device.
CVE-2024-20442 -- A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device.
CVE-2024-20444 -- A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to perform a command injection attack against an affected dev
CVE-2024-20448 -- A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with access to a backup file to view sensitive information.
CVE-2024-20449 -- A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device.
CVE-2024-20470 -- A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. In order to exploit
CVE-2024-20477 -- A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device.
CVE-2024-20490 -- A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view sensitive information.
CVE-2024-20491 -- A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information.
CVE-2024-20492 -- A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the atta
CVE-2024-20500 -- A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.
CVE-2024-20501 -- Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device.
CVE-2024-20502 -- A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.
CVE-2024-20509 -- A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for
CVE-2024-20513 -- A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected
CVE-2024-20521 -- A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerabil
CVE-2024-20524 -- A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a de
CVE-2024-21530 -- Versions of the package cocoon before 0.4.0 are vulnerable to Reusing a Nonce, Key Pair in Encryption when the encrypt, wrap, and dump functions are sequentially called. An attacker can generate the same ciphertext by creating a new encrypted message with
CVE-2024-24116 -- An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm.
CVE-2024-24117 -- Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component.
CVE-2024-24122 -- A remote code execution vulnerability in the project management of Wanxing Technology's Yitu project which allows an attacker to use the exp.adpx file as a zip compressed file to construct a special file name, which can be used to decompress the project f
CVE-2024-28888 -- A use-after-free vulnerability exists in the way Foxit Reade 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and resul
CVE-2024-33209 -- FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the context of a victim's web browser.
CVE-2024-33210 -- A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users.
CVE-2024-33662 -- Portainer before 2.20.2 improperly uses an encryption algorithm in the AesEncrypt function.
CVE-2024-35293 -- An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS.
CVE-2024-35294 -- An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials.
CVE-2024-41290 -- FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to store authentication data via the cookie's component.
CVE-2024-43795 -- OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. The login functionality contains a reflected cross-site scripting (XSS) vulnerability. This vulnerability is fixed in 5.19.0. Note: Thi
CVE-2024-44017 -- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MinHyeong Lim MH Board allows PHP Local File Inclusion.This issue affects MH Board: from n/a through 1.3.2.1.
CVE-2024-44030 -- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mestres do WP Checkout Mestres WP.This issue affects Checkout Mestres WP: from n/a through 8.6.
CVE-2024-44097 -- According to the researcher: "The TLS connections are encrypted against tampering or eavesdropping. However, the application does not validate the server certificate properly while initializing the TLS connection. This allows for a network attacker to int
CVE-2024-44193 -- A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges.
CVE-2024-45186 -- FileSender before 2.49 allows server-side template injection (SSTI) for retrieving credentials.
CVE-2024-45519 -- The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.
CVE-2024-45519 -- The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.
CVE-2024-45960 -- Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack.
CVE-2024-45960 -- Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack.
CVE-2024-45962 -- October 3.6.30 allows an authenticated admin account to upload a PDF file containing malicious JavaScript into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code v
CVE-2024-45964 -- Zenario 9.7.61188 is vulnerable to Cross Site Scripting (XSS) in the Image library via the "Organizer tags" field.
CVE-2024-45964 -- Zenario 9.7.61188 is vulnerable to Cross Site Scripting (XSS) in the Image library via the "Organizer tags" field.
CVE-2024-45965 -- Contao 5.4.1 allows an authenticated admin account to upload a SVG file containing malicious javascript code into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary cod
CVE-2024-46626 -- OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted payload.
CVE-2024-46977 -- OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. A path traversal vulnerability inside of LocalMode's open_local_file method allows an authenticated user with adequate permissions to d
CVE-2024-47529 -- OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of a web browser. This makes the user password susceptible
CVE-2024-47611 -- XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows (MinGW-w64 or MSVC), the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command
CVE-2024-47612 -- DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically, (datadump-table-column-queued), (datadump-table-column-in-progress), (datadump-table-column-completed), (datadump-table-column-fai
CVE-2024-47616 -- Pomerium is an identity and context-aware access proxy. The Pomerium databroker service is responsible for managing all persistent Pomerium application state. Requests to the databroker service API are authorized by the presence of a JSON Web Token (JWT)
CVE-2024-47803 -- Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.
CVE-2024-47804 -- If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.
CVE-2024-47805 -- Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentials using the `SecretBytes` type when accessing item `config.xml` via REST API or CLI.
CVE-2024-47806 -- Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins.
CVE-2024-47807 -- Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins.
CVE-2024-6360 -- Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey.
CVE-2024-7315 -- The Migration, Backup, Staging WordPress plugin before 0.9.106 does not use sufficient randomness in the filename that is created when generating a backup, which could be bruteforced by attackers to leak sensitive information about said backups.
CVE-2024-7315 -- The Migration, Backup, Staging WordPress plugin before 0.9.106 does not use sufficient randomness in the filename that is created when generating a backup, which could be bruteforced by attackers to leak sensitive information about said backups.
CVE-2024-7558 -- JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID v
CVE-2024-7855 -- The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_review() function in all versions up to, and including, 2.1.2. This makes it possible for authenticated attackers, with sub
CVE-2024-8037 -- Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perf
CVE-2024-8038 -- Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.
CVE-2024-8038 -- Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.
CVE-2024-8254 -- The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.7.34. This is due to the software a
CVE-2024-8282 -- The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:ive/ive-productscarousel' Gutenberg block in all versions up to, and including, 1.2.4.4 due to insufficient i
CVE-2024-8505 -- The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_label’ parameter in all versions up to, and including, 7.1.2 due to insufficient input sanitization and output escaping. This
CVE-2024-8733 -- A potential security vulnerability
CVE-2024-8800 -- The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping o
CVE-2024-8885 -- A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2024.2.0 and older allows writing of arbitrary files.
CVE-2024-8885 -- A local privilege escalation vulnerability in 
CVE-2024-8967 -- The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible
CVE-2024-9172 -- The Demo Importer Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated
CVE-2024-9174 -- Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI
CVE-2024-9210 -- The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticat
CVE-2024-9218 -- The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the U
CVE-2024-9222 -- The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versio
CVE-2024-9225 -- The SEOPress – On-site SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 8.1.1. This makes it possible
CVE-2024-9333 -- Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorrect access control list calculation
CVE-2024-9344 -- The BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' parameter in all versions up to, and including,
CVE-2024-9378 -- The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.7.2 due to insufficient input sanitization and output escaping. This makes it possible for unau
CVE-2024-9423 -- Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, potentially blocking queued print jobs.
CVE-2024-9429 -- A vulnerability has been found in code-projects Restaurant Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /filter2.php. The manipulation of the argument from/to leads to sql inject
CVE-2024-9440 -- Slim Select 2.0 versions through 2.9.0 are affected by a potential cross-site scripting vulnerability. In select.ts:createOption(), the text variable from the user-provided Options object is assigned to an innerHTML without sanitation. Software that depen
CVE-2024-9441 -- The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking the forgot_password functionality