Exploit for Missing Authentication for Critical Function in Cpanel

POCCVE-2026-41940 Quick start bash python3 pocCVE-202...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013372)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013372 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows:...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011174)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011174 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows:...

Iran Threatens to Start Attacking Major US Tech Firms on April 1

Tech giants like Apple, Google, and Microsoft are among those on a target list released by Iran’s Islamic Revolutionary Guard Corps...

EUVD-2022-55858

In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows: drivers/scsi/snic/snicdisc.c:307 snictgtcreate warn: '&tgt-list' not removed from list If deviceadd fails in snictgtcreate, tgt will be freed, but...

CVE-2022-50840

In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows: drivers/scsi/snic/snicdisc.c:307 snictgtcreate warn: '&tgt-list' not removed from list If deviceadd fails in snictgtcreate, tgt will be freed, but...

CVE-2022-50840

The CVE-2022-50840 issue affects the Linux kernel SCSI driver snic: the code path snic_tgt_create() could trigger a use-after-free if device_add() fails, because tgt->list was not removed from snic->disc.tgt_list before freeing. The fix removes the tgt from snic->disc.tgt_list prior to f...

CVE-2022-50840 scsi: snic: Fix possible UAF in snic_tgt_create()

In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows: drivers/scsi/snic/snicdisc.c:307 snictgtcreate warn: '&tgt-list' not removed from list If deviceadd fails in snictgtcreate, tgt will be freed, but...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Mass Payload Attack React2Shell A modified M...

SAP-Nuclei-Templates

SAP-Nuclei-Templates Nuclei Templates fo...

Exploit for SQL Injection in Bplugins Html5_Video_Player

EN A PoC exploit scanner for CVE-2024-5522 vulnerability in Wo...

DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors

The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism to retrieve the list of targets to be bombarded with junk HTTP requests in an attempt to bring them down. The updated variant, written in Golang, "implements an additional security...

Do you know your OpSec?

Open Source Intelligence OSINT is any information in the public domain that an attacker can dig up about you. Because of that it forms the basis of every Red Team engagement, as threat actor scenarios are created using publicly available information. Bearing that in mind it makes sense to review...

TrickBot Banking Trojan Adds New Browser Manipulation Tools

The TrickBot banking Trojan, a close relative to Dyre, has a growing target list and new browser manipulation techniques, experts at IBM X-Force said. “We expect to see it amplify infection campaigns and fraud attacks, sharpen its aim on business and corporate accounts,” wrote Limor Kessem,...

Shylock Trojan Going Global with New Features, Resilient Infrastructure

The prolific, credential-stealing Shylock banking Trojan is growing increasingly sophisticated as its creators continue adding new modules and functionalities to the man-in-the-browser malware, according to a Symantec report. To this point, Shylock has made its money via man-in-the-browser attack...

ettercap -- buffer overflow in target list parsing

Host target list parsing routine in ettercap 0.7.4-series prior to 0.7.4.1 and 0.7.5-series is prone to the stack-based buffer overflow that may lead to the code execution with the privileges of the ettercap process. In order to trigger this vulnerability, user or service that use ettercap should...

Nmap NSE net: resolveall

Resolves hostnames and adds every address IPv4 or IPv6, depending on Nmap mode to Nmap's target list. This differs from Nmap's normal host resolution process, which only scans the first address A or AAAA record returned for each host name. SYNTAX: resolveall.hosts: Table of hosts to resolve OpenV...

Nmap NSE net: snmp-interfaces

Attempts to enumerate network interfaces through SNMP. This script can also be run during Nmap's pre-scanning phase and can attempt to add the SNMP server's interface addresses to the target list. The script argument 'snmp- interfaces.host' is required to know what host to probe. To specify a por...

resolveall NSE Script

NOTE: This script has been replaced by the --resolve-all command-line option in Nmap 7.70 Resolves hostnames and adds every address IPv4 or IPv6, depending on Nmap mode to Nmap's target list. This differs from Nmap's normal host resolution process, which only scans the first address A or AAAA...

Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit

No description provided by source. // Bea Weblogic -- Apache Connector Remote Exploit +-1day // Should stack break latest Windows Server 2003 address space randomization // BIG THANKS TO // "dong-hun you"Xpl017Elz in INetCop - for his paper // "Title: Advanced exploitation in exec-shield Fedora...