25
May
2020
A vulnerability has been introduced in the package that installs sqliteODBC in Red Hat / CentOS / Fedora distributions.
It is a race condition that allows local users to escalate their privileges to root permissions.
A vulnerability has been introduced in the package that installs sqliteODBC in Red Hat / CentOS / Fedora distributions.
It is a race condition that allows local users to escalate their privileges to root permissions.
Ligolo is a simple and lightweight tool for establishing SOCKS5 or TCP tunnels from a reverse connection in complete safety (TLS certificate with elliptical curve).
It is comparable to Meterpreter with Autoroute + Socks4a, but more stable and faster.
Découvrez les mesures mises en oeuvre pour assurer votre santé et votre sécurité au sein de nos locaux.
We found several XSS vulnerabilities in Centreon, a popular monitoring solution.
We found a vulneability in Centreon, the popular monitoring solution: the application exposes user session ID in some server responses.
Combined with other vulnerabilities (like CVE-2020-10946), this can lead to critical exploitation scenarios.
Pour ne pas perdre la main, formez-vous aux enjeux de la cybersécurité grâce à nos différents programmes à distance, adaptés à vos besoins et votre niveau.
Following our disclosure of a vulnerability against Unraid, we prepared a Metasploit module to make testing and exploitation easier.
Today, it got merged in the master branch of Metasploit and should reach you out once you update your Metasploit installation.
Okular is a universal document viewer developed by the KDE project.
We found a command execution inside a PDF document that can be used with social engineering attacks to remotely execute commands on a target system.
En cette période de crise sanitaire inédite nous proposons nos services d’audits, de conseil et de sensibilisation à la cybersécurité gratuitement aux acteurs de l’éducation nationale et ceux du système de santé français.
Unraid is an operating system for personal and small business use that brings enterprise-class features letting you configure your computer systems to maximize performance and capacity using any combination of applications, VMs, storage devices, and hardware. We found an authentication bypass vulnerability that leads to remote code execution as root.