Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool

/\ / | / \ | \ | || | | | | / | /| |/ |/ |/ ,/; ; ; ,'/|; ,/,/, ,'/ |;/,/,/,/| ,/; |;|/,/,/,/,/| ,/'; |;|,/,/,/,/,/| ,/'; |;|/,/,/,/,/,/|, / ; |;|,/,/,/,/,/,/| / ,'; |;|/,/,/,/,/,/,/| /,/'; |;|,/,/,/,/,/,/,/| /;/ '; |;|/,/,/,/,/,/,/,/| ██████╗ ███████╗ ██████╗ █████╗ ███████╗██╗ ██╗███████╗...

TokenProber: Jailbreaking Text-To-Image Models Via Fine-Grained Word Impact Analysis

Text-to-image T2I models have significantly advanced in producing high-quality images. However, such models have the ability to generate images containing not-safe-for-work NSFW content, such as pornography, violence, political content, and discrimination. To mitigate the risk of generating NSFW...

Offensive Security for AI Systems: Concepts, Practices, and Applications

As artificial intelligence AI systems become increasingly adopted across sectors, the need for robust, proactive security strategies is paramount. Traditional defensive measures often fall short against the unique and evolving threats facing AI-driven technologies, making offensive security an...

com.atlan:package-toolkit-testing (>=5.3.1 <=6.1.2), com.buschmais.jqassistant.cli:jqassistant-commandline-neo4jv5 (>=2.6.0 <=2.8.0) +751 more potentially affected by CVE-2025-1948 via org.eclipse.jetty.http2:jetty-http2-hpack (>=12.0.0 <=12.0.16)

org.eclipse.jetty.http2:jetty-http2-hpack MAVEN version =12.0.0, =5.3.1, =2.6.0, =1.41.1, =1.1.18, =2.0.20, =3.0.0, =3.0.2, =3.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0-A1, =4.0.0-A1, =4.0.0-A1, =4.1.0, =4.2.1 and more Source cves: CVE-2025-1948 Source advisory: SNYK:JAVA-ORGECLIPSEJETTYHTTP2-10118703...

be.yildiz-games:module-messaging-activemq (=1.0.15), com.chutneytesting:action-impl (>=2.2.1 <=3.0.0) +53 more potentially affected by CVE-2025-27533 via org.apache.activemq:activemq-openwire-legacy (>=5.18.0 <=5.18.6)

org.apache.activemq:activemq-openwire-legacy MAVEN version =5.18.0, =2.2.1, =2.2.1, =2.2.2, =2.2.1, =0.17.0, =0.19.12-2023-11-12, =0.19.12-2023-11-12, =RC0-0.19.12-2023-10-27, =0.19.12-2023-11-12, =1.2.1.2, =1.2.1.1-beta.1, =0.10.0, =1.1.0, =1.5.0, =1.7.1 and more Source cves: CVE-2025-27533 Sour...

Do Not Install the HTTP Service

HyperText Transfer Protocol HTTP is a simple request-response protocol and usually runs over TCP. It specifies what messages the client may send to the server and what responses the client receives. Request and response messages include headers in ASCII, and the message content often uses a...

Disable IP Forwarding

If a node does not function as a gateway server, disable the IP forwarding function. Otherwise, attackers can use the node as a router. In the container scenario, if network packets need to be forwarded through the host, IP forwarding is allowed. SPDX-FileCopyrightText: 2025 Greenbone AG Some tex...

Commvault Command Center Innovation Release 11.38 Remote Code Execution

Remote code execution exploit for Commvault Command Center version 11.38. Written in Python. This tool allows testing single targets or scanning multiple hosts in bulk...

Nipah virus Testing Management System patient-search-report.php file SQL Injection Vulnerability

Nipah Virus Testing Management System is an online virus diagnostic platform. The Nipah Virus Testing Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter searchdata in the file...

COVID19 Testing Management System password-recovery.php File SQL Injection Vulnerability

The COVID19 Testing Management System is a new crown pneumonia testing management system. COVID19 Testing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter contactno in the file...

COVID19 Testing Management System test-details.php File SQL Injection Vulnerability

The COVID19 Testing Management System is a new crown pneumonia testing management system. The COVID19 Testing Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter Status in the /test-details.php...

COVID19 Testing Management System /patient-report.php File SQL Injection Vulnerability

The COVID19 Testing Management System is a new crown pneumonia testing management system. The COVID19 Testing Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter searchdata in the file...

Exploit for CVE-2025-2011

CVE-2025-2011 - Depicter Plugin SQL Injection Vulnerability...

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

CVE-2025-4306

A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely...

CVE-2025-4306 PHPGurukul Nipah Virus Testing Management System edit-phlebotomist.php sql injection

A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-58063)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-58063 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and...

The vulnerability of the INDIGO testing system lies in the absence of restrictions on authentication attempts. This allows a perpetrator to carry out an attack using brute-force methods—automated password retrieval.

The vulnerability of the INDIGO testing system is related to the absence of restrictions on authentication attempts. Exploiting this vulnerability allows a perpetrator, operating remotely, to carry out an attack using brute-force methods automated password cracking...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21920)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21920 advisory. - In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-58058)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-58058 advisory. - In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot ...