Yay, we hit 100 subscribers😊
Thank you for subscribing. Honestly, I didn't think anyone needed this monitoring at all )
CVE-2025-29927
Github link:
https://github.com/ferpalma21/Automated-Next.js-Security-Scanner-for-CVE-2025-29927
This script scans a list of URLs to detect if they are using **Next.js** and determines whether they are vulnerable to **CVE-2025-29927**. It optionally attempts exploitation using a wordlist. - fe...
CVE-2022-46689
A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.
Github link:
https://github.com/Code2Crusader/46689
Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689. - Code2Crusader/46689
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/fabulouscounc/CVE-2024-4577-PHP-RCE