39 matches found
mcp-csharp-cmdexe-poc
MCP C# SDK cmd.exe Argument Injection PoC Proof of concept fo...
Bitter APT Exploiting Old WinRAR Vulnerability in New Backdoor Attacks
South Asian hacking group Bitter APT-Q-37 is deploying a C backdoor using two new methods: a WinRAR flaw and malicious Office XLAM files, targeting government and military sectors...
EUVD-2018-19795
Malware in sbrugna...
Kubernetes C# client accepts certificates from any CA without properly verifying the trust chain
A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially...
CVE-2025-9708
A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially...
CVE-2025-9708 Kubernetes C# Client: improper certificate validation in custom CA mode may lead to man-in-the-middle attacks
A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially...
CVE-2020-15865
A Remote Code Execution vulnerability in Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0 allows an attacker to encode C# scripts as base-64 in the report XML file so that they will be compiled and executed on the server that processes this file. This can be used to fully compromise the server...
Inedo ProGet Security Vulnerability
Inedo ProGet is a package management system from Inedo. A security vulnerability exists in Inedo ProGet version 2024.22 and earlier, which stems from a C reflection layer that allows remote attackers to access restricted functionality, potentially resulting in a denial of service or access to...
CVE-2024-6596
An unauthenticated remote attacker can run malicious c code included in curve files and execute commands in the users context...
org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service
A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java). Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters...
SUSE CVE-2024-29857
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of th...
GHSA-8XFC-GM6G-VGPV Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of th...
CBOR Security Breach
CBOR is a C# implementation of the Concise Binary Object Representation by the individual developer Peter Occil. A security vulnerability exists in CBOR versions 4.0.0 through 4.5.0, which stems from the use of an inefficient algorithm that makes it susceptible to denial-of-service attacks when...
iocs
It is an offensive tool for threat intelligence. The repository...
Microsoft Common Data Model SDK Security Vulnerability
Microsoft Common Data Model SDK is a software application from Microsoft Corporation USA. A security vulnerability exists in Microsoft Common Data Model SDK. An attacker could exploit this vulnerability to cause a denial of service. The following products and versions are affected: Microsoft Comm...
Motorola SmartPTT SCADA Security Vulnerability
Motorola SmartPTT SCADA is an integrated voice and data scheduling software application from Motorola USA. A security vulnerability exists in Motorola SmartPTT SCADA version 1.1.0.0. An attacker could exploit the vulnerability by writing a malicious C script and executing code on the server...
SUSE CVE-2006-2658
Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request...
Stimulsoft Security Vulnerability
Stimulsoft Stimulsoft Reports is an excellent set of reporting components for the .NET platform from Stimulsoft. NET platform for processing reports in JavaScript applications. A security vulnerability exists in Stimulsoft version 2013.1.1600.0, which stems from a vulnerability that allows an...
Microsoft Windows Explorer Preview Pane Security Bypass Vulnerability
Previewing a WMA/WMV media format on Windows Explorer through its Preview Pane causes embedded URLs to be automatically opened in the default browser without displaying any prompt. Exploit Title: Windows Explorer Preview Pane WMV/WMA media Automatic URI Opening Vulnerability Exploit Author: Eduar...
Exploit for CVE-2021-1675
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527...