-
Kali Linux 2024.4 Release (Python 3.12, Goodbye i386, Raspberry Pi Imager & Kali NetHunter)
Just before the year starts to wrap up, we are getting the final 2024 release out! This contains a wide range of updates and changes, which are already in effect, ready for immediate download, or updating. The summary of the changelog since the 2024.3 release from September is: Python 3.12 – New default Python…
-
Contributing to Kali
With the launch of our brand-new forums, we thought we would update our documentation and explore how everyone can contribute to the growth of Kali Linux. Kali is a multi-platform project that thrives on the contributions of its community. Whether you’re curious about how you can pitch in or simply want to learn more…
-
The end of the i386 kernel and images
The i386 architecture has long been obsolete, and from this week, support for i386 in Kali Linux is going to shrink significantly: i386 kernel and images are going away. Images and releases will no longer be created for this platform. Some terminology first: Let’s start with the terms used in Kali Linux to talk about…
-
CVE-2025-24787 – WhoDB MySQL File Disclosure Vulnerability
CVE ID : CVE-2025-24787 Published : Feb. 6, 2025, 7:15 p.m. | 50 minutes ago Description : WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on. The…
-
CVE-2025-24981 – Vue Markdown Converter (MDC) Angular JavaScript XSS
CVE ID : CVE-2025-24981 Published : Feb. 6, 2025, 6:15 p.m. | 1 hour, 50 minutes ago Description : MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component. In affected versions unsafe parsing logic of the URL from markdown can lead to arbitrary JavaScript code due to a bypass…
-
CVE-2025-24786 – WhoDB Path Traversal SQL Injection Vulnerability
CVE ID : CVE-2025-24786 Published : Feb. 6, 2025, 7:15 p.m. | 50 minutes ago Description : WhoDB is an open source database management tool. While the application only displays Sqlite3 databases present in the directory `/db`, there is no path traversal prevention in place. This allows an unauthenticated attacker to open any Sqlite3 database present…
-
CVE-2023-5878 – Honeywell OneWireless Wireless Command Injection Vulnerability
CVE ID : CVE-2023-5878 Published : Feb. 6, 2025, 3:15 p.m. | 4 hours, 50 minutes ago Description : Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command injection vulnerability. An attacker who is authenticated could use the firmware update process to potentially exploit the vulnerability, leading…
-
CVE-2024-39272 – ClearML Enterprise Server Cross-Site Scripting
CVE ID : CVE-2024-39272 Published : Feb. 6, 2025, 5:15 p.m. | 2 hours, 50 minutes ago Description : A cross-site scripting (xss) vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to an arbitrary html code. An attacker can send a series of HTTP requests to…
-
CVE-2024-37358 – Apache James IMAP Denial of Service Vulnerability
CVE ID : CVE-2024-37358 Published : Feb. 6, 2025, 12:15 p.m. | 7 hours, 50 minutes ago Description : Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Version 3.7.6…
-
CVE-2022-31764 – Apache ShardingSphere ElasticJob-UI H2 DB RCE Vulnerability
CVE ID : CVE-2022-31764 Published : Feb. 6, 2025, 3:15 p.m. | 4 hours, 50 minutes ago Description : The Lite UI of Apache ShardingSphere ElasticJob-UI allows an attacker to perform RCE by constructing a special JDBC URL of H2 database. This issue affects Apache ShardingSphere ElasticJob-UI version 3.0.1 and prior versions. This vulnerability has been fixed…