The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch at the end of the month.

In this video, I am talking about apache tomecat deserialization remote code execution vulnerability. This vulnerability is in PersistantManager.
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103…

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻 - jakejarvis/awesome-shodan-queries

On April 7 2021, Thijs Alkemade and Daan Keuper demonstrated a zero-click remote code execution exploit in the Zoom video client during Pwn2Own 2021. Now that related bugs have been fixed for all users (see ZDI-21-971 and ZSB-22003) we can safely detail the…

What is SaltStack?
SaltStack, also known as Salt, is a configuration management and orchestration tool. It uses a central repository to provision new servers and other IT infrastructure, to make changes to existing ones, and to install software in IT environments.…

#GateOne ssh is an HTML5 web-based terminal emulator and SSH client.

#CVE-2020-35746 - arbitrary file read vulnerability via download.
GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join…

Solving OWASP UnCrackable Android App Level 1 with
Runtime Mobile Security (RMS) 📱🔥

Github Repo: https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security

UnCrackable App for Android Level 1 - Download: https://github.com/OWASP/owasp-mstg/tree/master/Crackmes…

Atlassian released patches to fix a critical flaw, tracked as CVE-2021-26084, affecting the Confluence enterprise collaboration product.

When I entered the world of Cyber Security, I was full of dreams…

اولین سامانه ردیابی نشت اطلاعات ایرانیان

💥جستجوی نشت
https://leakfa.com/search

💥نشت‌های عمده
https://leakfa.com/leaks

💥حمایت مالی
https://leakfa.com/donate

💥درباره ما
https://leakfa.com/about

📧 نظر، انتقاد، پیشنهاد
info@leakfa.com

Moodle remote code execution vulnerability.

Credit : https://github.com/HoangKien1020/

Vulnmachines - Learning Place for Security Enthusiast
Vulnmachines is online cyber security training platform with a massive number of labs, allowing individuals, students…

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. But roughly two week ago, VIP72's online storefront…

Code for NDSS' 19 paper: A Systematic Framework to Generate Invariants for Anomaly Detection in Industrial Control Systems - cfeng783/NDSS19_InvariantRuleAD

On July 30, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability that we discovered in Booster for WooCommerce, a WordPress plugin installed on over 80,000 sites. This flaw made it possible for an attacker…