Lucene search
K

1833 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 11:39 a.m.14 views

Malicious code in kaggle-runner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dcd49ca70b987b236ba4341d839addfec9afb344e1471195f2f825281092f71 kagglerunner/coordinator.py embeds a bash reverse-shell template rvsstr that connects to vtool.duckdns.org:23454 via ncat with retry/backoff plus a...

5.8AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/12 4:45 a.m.94 views

Maltrail-v0.53-Exploit

Maltrail v0.53 — Command Injection Exploit I wrote this explo...

6.5CVSS6.1AI score0.07497EPSS
Exploits29
Packet Storm
Packet Storm
added 2026/05/11 12:0 a.m.123 views

📄 Oracle WebLogic WLS-WSAT XMLDecoder Remote Code Execution

This script is a Python-based proof of concept exploit targeting a deserialization vulnerability in Oracle WebLogic Server's WLS-WSAT component. The vulnerability allows unauthenticated attackers to execute arbitrary system commands via crafted SOAP requests sent to the...

7.5CVSS7.7AI score0.99993EPSS
Exploits45
Packet Storm
Packet Storm
added 2026/05/11 12:0 a.m.81 views

📄 MATLAB R2024a Code Execution / Information Disclosure

MATLAB R2024a suffers from a remote code execution vulnerability as well as a sandbox escape that allows for information disclosure. ================================================================================================================================== | Title : MATLAB R2024a RCE | |...

6.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2023-54344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by...

9.8CVSS6.7AI score0.0055EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/05 6:30 p.m.9 views

Malicious code in gemini-analyzer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1c8996b17229185440fe7523f20f72ea848f3a001baa8946ca80fa6b5d3221ad The package is a RAT performing full exfiltration and executing remote commands through a custom RPC protocol over WebSockets, and eventually establishing a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/05 6:30 p.m.15 views

MAL-2026-3347 Malicious code in gemini-analyzer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1c8996b17229185440fe7523f20f72ea848f3a001baa8946ca80fa6b5d3221ad The package is a RAT performing full exfiltration and executing remote commands through a custom RPC protocol over WebSockets, and eventually establishing a...

6AI score
Exploits0References1
EUVD
EUVD
added 2026/05/05 12:31 p.m.28 views

EUVD-2023-60563

Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console,...

9.8CVSS6.7AI score0.00455EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/05 12:31 p.m.8 views

EUVD-2023-60564

Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in...

9.8CVSS6.7AI score0.0055EPSS
Exploits0References3
NVD
NVD
added 2026/05/05 12:16 p.m.28 views

CVE-2023-54344

Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in...

9.8CVSS0.0055EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/05 11:24 a.m.6 views

CVE-2023-54344

Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in...

9.8CVSS6.7AI score0.0055EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/05 11:24 a.m.53 views

CVE-2023-54342 Eclipse Equinox OSGi 3.8-3.18 Console Remote Code Execution

Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console,...

9.8CVSS0.00455EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/05 11:24 a.m.7 views

CVE-2023-54342 Eclipse Equinox OSGi 3.8-3.18 Console Remote Code Execution

Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console,...

9.8CVSS6.7AI score0.00455EPSS
Exploits0References2
CVE
CVE
added 2026/05/05 11:24 a.m.23 views

CVE-2023-54342

CVE-2023-54342 affects Eclipse Equinox OSGi versions 3.8–3.18. It is a remote code execution vulnerability in the OSGi console interface that allows unauthenticated attackers to execute arbitrary Java code by abusing the fork command. Exploitation involves establishing a telnet connection to the ...

9.8CVSS6.7AI score0.00455EPSS
Exploits0References2
CVE
CVE
added 2026/05/05 11:24 a.m.19 views

CVE-2023-54344

The vulnerability CVE-2023-54344 affects Eclipse Equinox OSGi 3.7.2 and earlier. The issue resides in the OSGi console interface, where an unauthenticated attacker can send payloads to the console port—specifically base64-encoded bash commands wrapped in fork directives—to achieve remote code exe...

9.8CVSS6.7AI score0.0055EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/05 7:7 a.m.89 views

web-app-attacks-avengers

web-app-attacks-avengers Ataque a aplicación web: SQL Injectio...

5.9AI score
Exploits0
Packet Storm
Packet Storm
added 2026/05/05 12:0 a.m.59 views

📄 Xibo CMS SSTI / Remote Code Execution

Xibo CMS versions prior to 4.3.1 suffer from an authenticated remote code execution vulnerability via server-side template injection. Exploit Title: Xibo CMS - Authenticated Remote Code Execution via SSTI Date: 2025-11-04 Exploit Author: Cristian Branet Vendor Homepage: https://xibosignage.com/...

7.2CVSS6.5AI score0.00884EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.15 views

PT-2026-36998

Name of the Vulnerable Software and Affected Versions Eclipse Equinox OSGi versions 3.8 through 3.18 Description A remote code execution flaw exists in the console interface. Unauthenticated attackers can execute arbitrary code by exploiting the fork command functionality. This is achieved by...

9.8CVSS6.6AI score0.00455EPSS
Exploits0References8
OSV
OSV
added 2026/04/30 8:37 p.m.8 views

MAL-2026-3203 Malicious code in buffparser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cc891132b1216e9093bcdd4581373dc7f750f700c82347c28bd1dff079261d8 Described as a utility for gaming, the code starts a reverse shell when using the exposed alledegdly parsing function. --- Category: MALICIOUS - The campaign h...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/30 8:37 p.m.5 views

Malicious code in buffparser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cc891132b1216e9093bcdd4581373dc7f750f700c82347c28bd1dff079261d8 Described as a utility for gaming, the code starts a reverse shell when using the exposed alledegdly parsing function. --- Category: MALICIOUS - The campaign h...

5.6AI score
Exploits0References1
Rows per page
Query Builder