EUVD-2020-4382

Malware in sbrugna...

📄 TightVNC 2.8.83 Control Pipe Manipulation

TightVNC version 2.8.83 suffers from a control pipe manipulation vulnerability. Exploit Title: TightVNC 2.8.83 - Control Pipe Manipulation Date: 06/09/2025 Exploit Author: Ionut Zevedei [email protected] Exploit Repository: https://github.com/zeved/CVE-2024-42049-PoC Vendor Homepage:...

PT-2019-15975 · Tautulli · Tautulli

Name of the Vulnerable Software and Affected Versions: Tautulli version 2.1.9 Description: The issue allows an attacker to shut down a remote media server due to a CSRF vulnerability in the "/shutdown" API endpoint. Additionally, anonymous access can be achieved in applications lacking a user log...

CVE-2016-4315

Cross-site request forgery CSRF vulnerability in WSO2 Carbon 4.4.5 allows remote attackers to hijack the authentication of privileged users for requests that shutdown a server via a shutdown action to server-admin/proxyajaxprocessor.jsp...

Apache struts2 devMode Remote Code Execution Vulnerability

Apache Struts is the United States Apache Apache Software Foundation is responsible for maintaining an open source project , is a set of open source MVC framework for creating enterprise-class Java Web applications . Apache struts2 devMode remote code execution vulnerability , the vulnerability i...

EAP: missing authorization check for Monitor/Deployer/Auditor role when shutting down server

It was found that JBoss EAP did not properly authorize a user performing a shut down. A remote user with the Monitor, Deployer, or Auditor role could use this flaw to shut down the EAP server, which is an action restricted to admin users...

CVE-2002-0687

The "through the web code" capability for Zope 2.0 through 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers...