Photon OS 5.0: Linux PHSA-2025-5.0-0715

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0715. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Metasploit Wrap-Up 12/19/2025

React2Shell Payload Improvements Last week Metasploit released an exploit for the React2Shell vulnerability, and this week we have made a couple of improvements to the payloads that it uses. The first improvement affects all Metasploit modules. When an exploit is used, an initial payload is...

HDF5 Installed (Linux)

Binary data hdf5nixinstalled.nbin...

Athena

Athena Athena is an all in one...

📄 Juniper ScreenOS 6.2.0r15 Backdoor Scanner

Juniper ScreenOS version 6.2.0r15 SSH backdoor scanner written in PHP. ============================================================================================================================================= | Title : Juniper ScreenOS 6.2.0r15 PHP Backdoor Scanner | | Author : indoushka | |...

Photon OS 5.0: Kubernetes PHSA-2025-5.0-0698

An update of the kubernetes package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0698. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

📄 ionCube Loader Wizard 14.4.0 Scanner

ionCube Loader Wizard version 2.34 scanner that look for the installation file and displays PHP info to gather more information about the target. ============================================================================================================================================= | Title :...

Photon OS 5.0: Iptraf PHSA-2025-5.0-0712

An update of the iptraf package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0712. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2025-68248

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new...

Photon OS 5.0: Imagemagick PHSA-2025-5.0-0714

An update of the ImageMagick package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0714. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Exploit for Deserialization of Untrusted Data in Facebook React

🔍 Next.js RCE Scanner - CVE-2025-55182 & CVE-2025-66478...

📄 Craft CMS 5.0 Twig Template Injection Scanner

This is a mass scanning script for the Craft CMS version 5.0 Twig template injection vulnerability. ============================================================================================================================================= | Title : Craft CMS 5.0 Twig Template Injection – Mass...

Nuclei 3.6.1

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...

Linux Distros Unpatched Vulnerability : CVE-2025-68170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/radeon: Do not kfree devres managed rdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc rdev is managed by devres and we...

GitHub Scanner for React2Shell (CVE-2025-55182) Turns Out to Be Malware

A GitHub repository posing as a vulnerability scanner for CVE-2025-55182, also referred to as “React2Shell,” was exposed as…...

Fortra GoAnywhere MFT 7.x Vulnerability Scanner

Fortra GoAnywhere MFT version7.x vulnerability scanner that looks for systems with a deserialization vulnerability using remote fingerprinting of the system. It does not perform exploitation...

📄 dotCMS 25.07.02-1 Security Scanner

dotCMS version 25.07.02-1 python scanning script that looks for remote SQL injection. ============================================================================================================================================= | Title : dotCMS 25.07.02-1 Security Scanner | | Author : indoushka |...

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell – Advanced Discovery & Exploitation Framework An...

Exploit for CVE-2025-61675

FreePBX CVE-2025 Vulnerability Scanner ⚠️ DISCLAIMER TH...

CVE-2025-67750

Lightning Flow Scanner provides a A CLI plugin, VS Code Extension and GitHub Action for analysis and optimization of Salesforce Flows. Versions 6.10.5 and below allow a maliciously crafted flow metadata file to cause arbitrary JavaScript execution during scanning. The APIVersion rule uses new...