Collaborate Disseminate
When I’m trying to analyze CVEs to detect which jars are affected by the CVE, I getting confused.
Let’s take as an example this CVE: CVE-2022-22978
In the description:
"In Spring Security versions 5.5.6 and 5.6.3 and older unsupporte… Continue reading how to know CVE affects which Jar/artifact?
I have been trying to exploit a cheap smart tv box that I have bought a while ago and after my nmap scan I found that port 7000/tcp was open but researching about the port gave back not much information I even searched searchsploit and vul… Continue reading I am trying to exploit port 7000/tcp afs3-fileserver
Do all SCA scanners work the same? Do they scan the source or the environment? I’ve seen some SCA that can scan a folder but also python safety just checks pypi. If both, what are advantages/disadvantages of each?
Continue reading Does Software Composition Analysis scan the source code or environment?
I installed nexpose yesterday. And when I start the server in maintenance mode, I initialize the console with the command sudo sh nsc.sh and it throws me out the following errors:
14:07:14,340 |-ERROR in ch.qos.logback.core.joran.action.Ap… Continue reading Maintenance mode errors in Nexpose [closed]
I have the APK of an application and analyzed it using MobSF static analysis. It says the application talks with Firebase Database and provides a URL.
Obviously, the URL is not accessible.
I am new to this so trying to find tools from GitH… Continue reading How to Scan Firebase Database?
I am a university student currently trying to demonstrate exploitation of the SMBGhost Vulnerability on Windows 10 (Version: 1903, Build Number: 18362.356). I need to provide evidence that the vulnerability exists. However when using Nessu… Continue reading Scanning for SMBGhost vulnerability
I have a hosted a simple react website(testing) with nginx webserver and cloudflare as ssl provider.My website is down from few days with cloudflare error 525 "SSL handshake failed".I was pretty sure my SSL keys are not expired,s… Continue reading Can anyone help finding what’s shady things are logged on my nginx webserver? [duplicate]
This vulnerability is from a third party reviewer for PCI scans. I am stuck for months and can’t figure this out. I already used sanitation to my page and it still fail the PCI scanning. I am starting to think that this is not a code relat… Continue reading DCP-Portal Vulnerability
Operating System: Kali Linux version 2022.1
GSA Version: 21.4.3
I am very new to using OpenVAS and I am currently running into this issue where I try to initiate a quick scan and OpenVAS displays the error shown in the title. I have instal… Continue reading OpenVAS error ‘Failed to find port_list ‘33d0cd82-57c6-11e1-8ed1-406186ea4fc5’
I had a DC server running Microsoft Windows Server 2008 R2 x64. After a vulnerability scan launched on this server using Nexpose, the CVE-2017-8563 was reported by the vulnerability scanner with the message " Vulnerable software insta… Continue reading How could we fix Microsoft LDAP Enforce Channel Binding CVE-2017-8563?