Penetration-Testing-on-Metasploitable2

Penetration-Testing-on-Metasploitable2...

VulRTex: a Reasoning-Guided Approach to Identify Vulnerabilities from Rich-Text Issue Report

Software vulnerabilities exist in open-source software OSS, and the developers who discover these vulnerabilities may submit issue reports IRs to describe their details. Security practitioners need to spend a lot of time manually identifying vulnerability-related IRs from the community, and the...

CVE-2025-0280

creationtimestamp| type| source ---|---|--- 2025-09-03 17:24:44+00:00| seen| Telegram/fYWTIHhJwQdUjl3ztvy2wipVAoAWVxrXc1BbpxjHjA1d1gc...

CVE-2014-125127

creationtimestamp| type| source ---|---|--- 2025-09-03 12:15:58+00:00| seen| https://gist.github.com/Darkcrai86/5ebe9611c8a915fc5e5d1c2fe85938f6 2025-09-03 20:32:16+00:00| seen| https://gist.github.com/Darkcrai86/daf5a651437f49bdf8200ad8c8585dda...

Linux Distros Unpatched Vulnerability : CVE-2020-36516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path...

CVE-2011-0182

creationtimestamp| type| source ---|---|--- 2025-08-31 03:01:32+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...

CVE-2023-6236

creationtimestamp| type| source ---|---|--- 2025-08-30 08:22:52+00:00| seen| Telegram/mvZ8NgsrRYGJqSXeB5hg9rgVW-S0L1quSgwaG7p9hO2SM4Y...

Linux Distros Unpatched Vulnerability : CVE-2022-47089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gfvvcreadspsbsinternal function of mediatools/avparsers.c CVE-2022-47089 Note that...

Addressing Weak Authentication like RFID, NFC in EVs and EVCs Using AI-Powered Adaptive Authentication

The rapid expansion of the Electric Vehicles EVs and Electric Vehicle Charging Systems EVCs has introduced new cybersecurity challenges, specifically in authentication protocols that protect vehicles, users, and energy infrastructure. Although widely adopted for convenience, traditional...

CVE-2025-9418

Affected: itsourcecode Apartment Management System 1.0. Vulnerable component: /owner/addowner.php. Issue: input manipulation of the ID parameter enables SQL injection (remote). Exploitation disclosed publicly. Remediation: no patch/version fixed is stated in the provided documents; some sources s...

CGA-J49M-64RH-H2V3

Bulletin has no description...

CGA-C6GR-26M7-5WC7

Bulletin has no description...

CGA-V558-GXPG-JJXV

Bulletin has no description...

CGA-QMFR-RXCM-P433

Bulletin has no description...

CVE-2025-38661

In the Linux kernel, the following vulnerability has been resolved: platform/x86: alienware-wmi-wmax: Fix dmisystemid array Add missing empty member to awccdmitable...

CVE-2025-29366

In mupen64plus v2.6.0 there is an array overflow vulnerability in the writerdramregs and writerdramregs functions, which enables executing arbitrary commands on the host machine...

CVE-2025-38661

In the Linux kernel, the following vulnerability has been resolved: platform/x86: alienware-wmi-wmax: Fix dmisystemid array Add missing empty member to awccdmitable...

CISA Requests Public Comment for Updated Guidance on Software Bill of Materials

CISA released updated guidance for the Minimum Elements for a Software Bill of Materials SBOM for public comment—comment period begins today and concludes on October 3, 2025. These updates build on the 2021 version of the National Telecommunications and Information Administration SBOM Minimum...

CLSA-2025-1755791708 Update of linux-firmware

Addition AMD CPU microcode for processor family 0x19: cpuid:0x00A70FC0ver:0x0A70C005, cpuid:0x00A70F52ver:0x0A705206, cpuid:0x00A00F82ver:0x0A00820C, cpuid:0x00A40F41ver:0x0A404107, cpuid:0x00A70F80ver:0x0A708007, cpuid:0x00A20F10ver:0x0A20102D, cpuid:0x00A70F41ver:0x0A704107,...

jshERP 安全漏洞

jshERP Huaxia ERP is a homegrown ERP system by the individual developer of Ji Sheng Hua in China. A security vulnerability exists in jshERP v3.5, which stems from improper access control in the ResourceController.java component and could lead to access to ID data...