CVE-2017-20227

JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that exceeds buffer boundaries. Attackers can craft malicious input passed to the jad command to overflow the stack and...

CVE-2017-20229

MAWK 1.3.3-17 and earlier contain a stack-based buffer overflow due to inadequate boundary checks on user-supplied input. An attacker can craft input that overflows the stack and facilitates a return-oriented programming chain to spawn a shell with application privileges. The connected documents ...

GHSA-XGXP-F695-6VRP In Soft Serve, an authenticated repo import can clone server-local private repositories

Summary An authorization flaw in repo import allows any authenticated SSH user to clone a server-local Git repository, including another user's private repo, into a new repository they control. This breaks the private-repository confidentiality boundary and should be treated as High severity...

CVE-2026-22320

A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...

CVE-2026-23759 Perle IOLAN STS/SCS Authenticated Command Injection via 'shell ps'

Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell 'ps' command does not perform proper argument sanitization and passes user-supplied parameters into an 'sh -c'...

Exploit for XML Injection (aka Blind XPath Injection) in Fonttools

CVE-2025-66034-Poc-to-Get-RCE-for-HTB-VariaType Just run the...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the --container parameter. An attacker can execute unauthorized commands by supplying specially crafted input that is not properly sanitized. Note: This is only exploitable if the attacker has shell access to the...

Command Injection

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Command Injection via the --container parameter. An attacker can...

CVE-2019-25483

The CVE-2019-25483 entry concerns the Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k device, where a restricted shell escape vulnerability allows local users to bypass command restrictions via the command substitution operator $( ). Attackers can inject arbitrary commands through $( ) when pa...

EUVD-2025-208368

A low‑privileged local attacker who gains access to the UBR service account e.g., via SSH can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries e.g., tcpdump and ip with sudo...

EUVD-2026-9371

International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the monitor account. A remote unauthenticated attacker can use these trivial, undocumented credentials to access the system via SSH. While initially dropped into a restricted shell,...

CVE-2026-28776 Hardcoded and Insecure Credentials for "monitor" account with SSH Access On IDC SFX2100 Satellite Receiver

International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the monitor account. A remote unauthenticated attacker can use these trivial, undocumented credentials to access the system via SSH. While initially dropped into a restricted shell,...

PT-2026-22879

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX2100 Satellite Receiver affected versions not specified Description The SFX2100 Satellite Receiver has a default, easily guessable password for the user usr account. An unauthenticated remote attack...

PT-2026-22878

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver affected versions not specified Description The IDC SFX Series SuperFlex SatelliteReceiver includes hardcoded credentials for the monitor account. A remote,...

Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries

Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries. "This prolific, elusive actor has a long history of targeting...

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies on the Internet Relay Chat IRC communication protocol for command-and-control C2 purposes. "The toolset blends stealth helpers with legacy-era Linux exploitation: Alongside log cleaners...

CVE-2026-0383

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

Linux-Usermode-Exploitation-101

Linux Usermode Exploitation 101 Introduction The aim of th...

CVE-2026-0383

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

CVE-2026-0383

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...