RansomLord is a proof-of-concept tool that automates the creation of PE files, used to compromise ransomware pre-encryption. This tool uses dll hijacking to defeat ransomware by placing PE files in the x32 or x64 directories where the program is run from.
647494bda466e645768d6f7d1cd051097aee319f88018d1a80547d8d538c98db
Red Hat Security Advisory 2024-3527-03 - Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal. Issues addressed include buffer overflow, denial of service, integer overflow, memory leak, and resource exhaustion vulnerabilities.
f7976b8e170be546f0ae90244875124b0d4dbae1498c74c776b4c1380ae64a0d
Red Hat Security Advisory 2024-3513-03 - An update for less is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
251dd556f26343b061eb6615219c2ae27b1ff872ff5eced27823edeeab298cb7
Red Hat Security Advisory 2024-3501-03 - An update for nghttp2 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
2259ed3c98bb1958e22876aeeb7b02063f28b9dab1b85e7ad5768608d11e5562
Red Hat Security Advisory 2024-3500-03 - An update for the ruby:3.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
07018912af2cc2a30a1a8c489f204ef85a96a2eef4d3c15d2dfd7fdd867a602f
Red Hat Security Advisory 2024-3497-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
843acaf0f746a1a8840e4560f9d9f7ea650a214c6e15a1b3c3ffc0d0cc80cde1
This archive contains all of the 68 exploits added to Packet Storm in May, 2024.
753ccfd5242ce49f15443887fb69c5c38c00091bb52bdafe46e28e7762f1d5c9
Ubuntu Security Notice 6804-1 - It was discovered that GNU C Library nscd daemon contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service. It was discovered that GNU C Library nscd daemon did not properly check the cache content, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
9dc17726191c1e8d25af731e1c1a582fe7b554d3f505d4bab60a6459bb305c87
Ubuntu Security Notice 6803-1 - Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 24.04 LTS. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS.
791bb40a4c8f9acb0292a309c51863cc9ae4a462faabf1d22932877c8c7196c1
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.
90399bcb164b4b112830c11dba0b7486158942ee798ef7e06e37df300f75cccf
Ubuntu Security Notice 6802-1 - Lukas Fittl discovered that PostgreSQL incorrectly performed authorization in the built-in pg_stats_ext and pg_stats_ext_exprs views. An unprivileged database user can use this issue to read most common values and other statistics from CREATE STATISTICS commands of other users.
c10954c73d680328599d7d8e4dbcd565129971a3eff1d9b0307ace0fc71664d5
changedetection versions 0.45.20 and below suffer from a remote code execution vulnerability.
70e710cf9046b44a8c5d97c23bc771dcb7c5a9099610fdbaebc0e275487b2eba
Online Payment Hub System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
4961e6290d3d4553b7cf539d9befdc3d12ec735c180c3ee1a73f99cbf2eab38b
Ubuntu Security Notice 6801-1 - It was discovered that PyMySQL incorrectly escaped untrusted JSON input. An attacker could possibly use this issue to perform SQL injection attacks.
df54bff30293aa2fb510345c2f13fdaf729e74f69da269365211c88d04dd552f
Ubuntu Security Notice 6800-1 - It was discovered that browserify-sign incorrectly handled an upper bound check in signature verification. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a signature forgery attack.
bbb5053adf3b1fc0f858b00ff034ddf245220cc2b0b12057d2b648d4e63fedae
BWL Advanced FAQ Manager version 2.0.3 suffers from a remote SQL injection vulnerability.
f95ccaedfdaee1cf2d018058b8c73c3b7d6c5bdacad42079362785b6fa9fa81c
iMLog versions prior to 1.307 suffer from a persistent cross site scripting vulnerability.
41363b501e8b38ba3e267a44d4da15c2e44e3c8e7251c38bd295cdf08bd7d310
Check Point Security Gateway suffers from an information disclosure vulnerability. Versions affected include R77.20 (EOL), R77.30 (EOL), R80.10 (EOL), R80.20 (EOL), R80.20.x, R80.20SP (EOL), R80.30 (EOL), R80.30SP (EOL), R80.40 (EOL), R81, R81.10, R81.10.x, and R81.20.
9a00e15745eee654d5e56bd4984cd3a4bdcf8830f76d50a2c9914ecf0ab23d3f