A newly discovered heap-based buffer overflow in the glibc's __vsyslog_internal() function, called by syslog() and vsyslog(), poses a significant security risk. Identified as CVE-2023-6246, this vulnerability was inadvertently introduced in glibc versions 2.37 and backported to 2.36. **Impact:** - Allows for Local Privilege Escalation to root from an unprivileged user. - Affects common distributions like Debian 12 & 13, Ubuntu 23.04 & 23.10, and Fedora 37 to 39. - Requires local network access; remote exploitation is highly unlikely. **Mitigation:** - Review and apply necessary patches immediately. - Monitor system logs for unusual activities.

Lenovo Commercial Vantage Tool Local Privilege Escalation:

If you are looking for the Samba vulnerability click the link below: https://vulmon.com/vulnerabilitydetails?qid=CVE-2021-44142

Fortinet FortiWeb OS Command Injection PoC The patch will be released at the end of August https://www.rapid7.com/blog/post/2021/08/17/fortinet-fortiweb-os-command-injection/

ThroughTek "Kalay" Network Device Impersonation Vulnerability Proof of Concept. The vulnerability affects millions of IoT devices.

Cisco Adaptive Security Appliance (ASA) XSS POC: POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1 Host: ciscoASA.local Content-Type: application/x-www-form-urlencoded Content-Length: 44 SAMLResponse="><svg/onload=alert('PTSwarm')>

QNAP NAS HBS 3 Hybrid Backup Syn Hard-Coded Credentials QLocker Ransomware is using this vulnerability to encrypt files of QNAP customers. https://forum.qnap.com/viewtopic.php?t=160876&p=787015

Write-up of CVE-2021-30481 Source engine remote code execution via game invites https://secret.club/2021/04/20/source-engine-rce-invite.html

Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316) https://shenaniganslabs.io/2021/04/13/Airstrike.html

Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027) https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/