166 matches found
Security Bulletin: IBM Storage Protect Server is affected by vulnerabilities in IBM SDK, Java Technology Edition that could allow denial-of-service or information exposure in applications using the affected Java components.
Summary: IBM Storage Protect Server is affected by multiple vulnerabilities in IBM SDK, Java Technology Edition that may allow attackers to exploit weaknesses in certain Java components. These issues could lead to denial-of-service conditions or unintended information exposure in applications that rely...
EUVD-2021-21468
Malware in sbrugna...
EUVD-2006-5307
Malware in sbrugna...
EUVD-2019-5328
Malware in sbrugna...
EUVD-2025-4501
Malicious code in bioql PyPI...
KLA87341 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Bot Service can be exploited remotely to gain privileges. 2. An elevation ...
Security vulnerability in multiple Linksys products
Linksys RE6250 and others are a wireless extender from Linksys USA. A security vulnerability exists in various Linksys products, which stems from a stack buffer overflow that could lead to a remote attack. The following products are affected: the RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000...
Linux Distros Unpatched Vulnerability : CVE-2012-6550
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the clipText returned fr...
HTTP Client Automatic Exploiter 2 (Browser Autopwn)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "HTTP Client Automatic Exploiter 2 Browser Autopwn", 'Description' = %q This module will automatically serve browser exploits. Here are the option...
EuroTel ETL3100 Radio Transmitter
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: EuroTel Equipment: ETL3100 Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Authorization Bypass Through User-Controlled Key,...
Rocky Linux 8 : rsyslog (RLSA-2022:4799)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4799 advisory. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used...
Heap overflow
Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...
CVE-2022-24903 Buffer overflow in TCP syslog server (receiver) components in rsyslog
Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...
OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
DEBIAN-CVE-2021-37986
Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page...
FreeBSD : MySQL -- Multiple vulnerabilities (38a4a043-e937-11eb-9b84-d4c9ef517024)
Oracle reports: This Critical Patch Update contains 41 new security patches for Oracle MySQL. 10 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. The highest CVSS v3.1 Base Score of...
Omron CX-One
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...
Industrial Networks See Sharp Uptick in Hackable Security Holes
It’s on: Adversaries, CISOs and researchers are all simultaneously involved in a frantic race to find cybersecurity vulnerabilities hiding within industrial networks, according to the latest Biannual ICS Risk and Vulnerability report from Claroty. The report analyzed all publicly disclosed...
mad-metasploit
This is a Metasploit custom module repository, mad-metasploit, which contains a collection of exploits and plugins for various vulnerabilities. The repository is maintained by hahwul and is available on GitHub. The repository includes a variety of exploits, including: AIX Calendar Manager Service...
Discourse < 2.5.0.beta6 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...