Exploit for CVE-2025-8061

Lenovo-CVE-2025-8061 PoC fo...

EUVD-2023-46299

Malicious code in bioql PyPI...

EUVD-2025-9626

Malicious code in bioql PyPI...

CVE-2021-36195

Multiple command injection vulnerabilities in the command line interpreter of FortiWeb versions 6.4.1, 6.4.0, 6.3.0 through 6.3.15, 6.2.0 through 6.2.6, and 6.1.0 through 6.1.2 may allow an authenticated attacker to execute arbitrary commands on the underlying system shell via specially crafted...

CVE-2021-24009

Multiple improper neutralization of special elements used in an OS command vulnerabilities CWE-78 in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary commands on the underlying system's shell via specifically crafted HTTP requests...

CVE-2021-24023

An improper input validation in FortiAI v1.4.0 and earlier may allow an authenticated user to gain system shell access via a malicious payload in the "diagnose" command...

📄 Remote for Windows 2024.15 Local Privilege Escalation

Remote for Windows version 2024.15 suffers from a local privilege escalation vulnerability. Exploit Title: Remote for Windows 2024.15 - Local Privilege Escalation Date: 2025-05-19 Exploit Author: Chokri Hammedi Vendor Homepage: https://rs.ltd Software Link: https://rs.ltd/latest.php?os=win Versio...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-49138-POC Proof of Concept that exploits CVE-2024-4...

PT-2024-13032 · Pax · Pax Android

Name of the Vulnerable Software and Affected Versions: PAX Android based POS devices versions prior to PayDroid 8.1.0 Sagittarius V11.1.61 20240226 Description: The issue allows for escalation of privilege via improperly configured scripts. An attacker must have shell access with system account...

CVE-2023-41807

Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows a user to escalate permissions on the system shell. This issue affects Pandora FMS: from 700 through 773...

CVE-2023-31756

A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions = 0.1.0. 0.9.1 v5006.0 Build 220518 Rel.32480n which allows remote attackers, authenticated to the administrative web portal as an administrator user to open an...

CVE-2023-31756

A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions = 0.1.0. 0.9.1 v5006.0 Build 220518 Rel.32480n which allows remote attackers, authenticated to the administrative web portal as an administrator user to open an...

TP-Link Archer VR1600V 操作系统命令注入漏洞

The TP-Link Archer VR1600V is a wireless modem from China P&L TP-LINK. The TP-Link Archer VR1600V suffers from a command injection vulnerability that stems from the application failing to properly filter constructed command special characters, commands, etc. An attacker could exploit the...

K16383: Linux RPM vulnerability CVE-2013-6435

Security Advisory Description Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d...

CVE-2022-40298

Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. A low privileged user can initiate a repair of the system and gain a SYSTEM level shell...

PT-2022-25321 · Seagate · Seagate

Name of the Vulnerable Software and Affected Versions: Seagate affected versions not specified Description: The issue involves exploiting a Seagate service to create a SYSTEM shell. This is related to local privilege escalation exploits. There is no information provided about the estimated number...

[SECURITY] Fedora 35 Update: ipython-7.26.0-3.fc35

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

[SECURITY] Fedora 34 Update: ipython-7.20.0-2.fc34

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

CVE-2021-36195

Multiple command injection vulnerabilities in the command line interpreter of FortiWeb versions 6.4.1, 6.4.0, 6.3.0 through 6.3.15, 6.2.0 through 6.2.6, and 6.1.0 through 6.1.2 may allow an authenticated attacker to execute arbitrary commands on the underlying system shell via specially crafted...

Fortinet FortiWeb 操作系统操作系统命令注入漏洞

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content.Fortinet FortiWeb A command injection...