Exploit for CVE-2025-2249

🔐 WordPress SoJ SoundSlides Plugin ⚠️ DISCLAIMER: This ex...

Malicious code in @mukesh-d11/testing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d20ad4be51546dacd490a45160968ae270951a7485eeb7a2ad2f3438efc63a1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Exploit for Improper Restriction of Excessive Authentication Attempts in Fortinet Fortiauthenticator

CVE-2023-26208 Exploit Automation Para Fins Educacionais 🚨 📌...

DEBIAN-CVE-2023-52932

In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: add condresched in getswappages The softlockup still occurs in getswappages under memory pressure. 64 CPU cores, 64GB memory, and 28 zram devices, the disksize of each zram device is 50MB with same priority as si. Us...

UBUNTU-CVE-2022-49760

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix PTE marker handling in hugetlbchangeprotection Patch series "mm/hugetlb: uffd-wp fixes for hugetlbchangeprotection". Playing with virtio-mem and background snapshots using uffd-wp on hugetlb in QEMU, I managed to...

CVE-2023-52998 net: fec: Use page_pool_put_full_page when freeing rx buffers

In the Linux kernel, the following vulnerability has been resolved: net: fec: Use pagepoolputfullpage when freeing rx buffers The pagepoolreleasepage was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...

CVE-2023-52998

CVE-2023-52998 — In the Linux kernel’s fec driver, freeing RX buffers used page_pool_release_page, which unmaps but doesn’t recycle pages, enabling memory exhaustion after repeated eth0 up/down. A fix replaces it with page_pool_put_full_page, recycling the page when refcnt == 1. The vulnerability...

CVE-2023-52932 mm/swapfile: add cond_resched() in get_swap_pages()

In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: add condresched in getswappages The softlockup still occurs in getswappages under memory pressure. 64 CPU cores, 64GB memory, and 28 zram devices, the disksize of each zram device is 50MB with same priority as si. Us...

Exploit for CVE-2025-30208

CVE-2025-30208-LFI !IMPORTANT Disclaimer This exploit...

Exploit for CVE-2025-29927

CVE-2025-29927 Checker 📌 Introduction This script checks for t...

CVE-2025-31165

Cross-Site Scripting XSS vulnerability in the Logbug module of NightWolf Penetration Testing Platform 1.2.2 allows attackers to execute JavaScript through the markdown editor feature...

CVE-2025-31165

CVE-2025-31165 is an XSS vulnerability in the Logbug module of NightWolf Penetration Testing Platform 1.2.2 , specifically through the markdown editor feature . The description states that attackers can execute JavaScript via this editor. The CVSS metrics included indicate a base score of 6.9 (Me...

Penetration Testing Services: Strengthening Cybersecurity Against Evolving Threats

Cybersecurity threats are evolving at an unprecedented pace, leaving organizations vulnerable to large-scale attacks. Security breaches and data…...

Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience

"A boxer derives the greatest advantage from his sparring partner…" — Epictetus, 50–135 AD Hands up. Chin tucked. Knees bent. The bell rings, and both boxers meet in the center and circle. Red throws out three jabs, feints a fourth, and—BANG—lands a right hand on Blue down the center. This wasn't...

Splunk Enterprise 9.1.0 < 9.1.8, 9.2.0 < 9.2.5, 9.3.0 < 9.3.3 (SVD-2025-0303)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-0303 advisory. - In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and...

Exploit for CVE-2025-29927

Testing script for CVE-2025-29927 Provided by CyberMaxx. CV...

How to Create a Scan in Perl to Identify Vulnerable POP3 Servers

This paper, written in Brazilian Portuguese, explains how to create a Perl script to identify vulnerable POP3 servers. In the context of application security, the author provides mitigation recommendations...

Exploit for Code Injection in Apache Commons_Text

text4shell-exploit A custom Python-based proof-of-concept PoC...

CVE-2025-29640

Phpgurukul Human Metapneumovirus HMPV – Testing Management System v1.0 is vulnerable to SQL Injection in /patient-report.php via the parameter searchdata...

Fedora 41 : dotnet8.0 (2025-adbd75f500)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-adbd75f500 advisory. This is the monthly update for .NET for March 2025. Release Notes: - SDK https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.14/8.0.114.md -...