CVE-2025-57521

Bambu Studio 2.1.1.52 and earlier is affected by a vulnerability that allows arbitrary code execution during application startup. The application loads a network plugin without validating its digital signature or verifying its authenticity. A local attacker can exploit this behavior by placing a...

The vulnerability of the Nagios Fusion software for visualizing IT infrastructure’s operational status lies in its insecure management of privileges, allowing attackers to escalate their privileges.

The vulnerability of the Nagios Fusion software for visualizing IT infrastructure’s operational status is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to increase their privileges by installing a malicious component containing PHP code...

CVE-2020-28904

Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code...

Privilege escalation

Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation as nagios via installation of a malicious component containing PHP code...

The vulnerability of Microsoft Application Inspector’s source code analysis application lies in its lack of measures to protect the structure of web pages, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft Application Inspector’s source code analysis application is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by running the application that contains the...

Nextcloud: Github wikis are editable by anyone

Github wikis on the following projects https://github.com/nextcloud/fulltextsearch https://github.com/nextcloud/nextcloudpi https://github.com/nextcloud/spreed https://github.com/nextcloud/ocsms https://github.com/nextcloud/nextcloud-snap https://github.com/nextcloud/passman can be edited by any...

Information disclosure

An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious component to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

Joomla 1.6.x Administrator PHP Code Execution

Requirements require 'msf/core' Class declaration class Metasploit3 'Joomla 1.6. Administrator PHP Code Execution', 'Description' = %q This module can be used to gain a remote shell to a Joomla! 1.6. install when administrator credentials are known. This is acheived by uploading a malicious...

Attackers Exploiting Windows Help Center Flaw

Researchers have found evidence that attackers are exploiting the vulnerability in the Windows Help and Support Center that was at the center of so much controversy last week. The flaw, which is in the protocol handler related to the Microsoft Windows Help and Support Center, was disclosed late...