353 matches found
Exploit for CVE-2025-9242
watchTowr-vs-WatchGuard-CVE-2025-9242 Detection Artifact Gene...
PT-2025-39875
Name of the Vulnerable Software and Affected Versions Medical Informatics Engineering Enterprise Health affected versions not specified Description A reflected cross site scripting issue exists in the 'portlet user id' URL parameter. An unauthenticated, remote attacker can create a malicious URL ...
CVE-2025-9242 WatchGuard Firebox iked Out of Bounds Write Vulnerability
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability...
PT-2025-37370
Name of the Vulnerable Software and Affected Versions Ceragon Networks / Siklu Communication EtherHaul series versions 7.4.0 through 10.7.3 Description The rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak...
PT-2025-37369
Siklu EtherHaul 8010 siklu-uimage-nxp-enc-10 6 2-18707-ea552dc00b devices have a static root password...
Linux Distros Unpatched Vulnerability : CVE-2019-9642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it is possible to evaluate malicious PHP code by...
CVE-2025-9872
Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...
CVE-2025-40795
The CVE-2025-40795 issue affects Siemens SIMATIC PCS neo versions 4.1, 5.0 and 6.0, and the integrated User Management Component (UMC)
PT-2025-36681
Name of the Vulnerable Software and Affected Versions: SIMATIC PCS neo versions 4.1 All versions SIMATIC PCS neo versions 5.0 All versions User Management Component UMC versions prior to 2.15.1.3 Description: A stack-based buffer overflow vulnerability exists in the integrated User Management...
Linux Distros Unpatched Vulnerability : CVE-2020-15591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fexsrv in FEX aka Frams' Fast File EXchange before fex-201609192 allows eval injection for unauthenticated remote code execution. CVE-2020-15591 Note that Nessu...
Linux Distros Unpatched Vulnerability : CVE-2019-1010060
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. T...
CVE-2024-52786
An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated attackers to execute arbitrary code via a crafted URL...
CVE-2024-52786
CVE-2024-52786 affects the anji-plus AJ-Report project (≤ v1.4.2). The vulnerability is an authentication bypass that could let unauthenticated attackers execute arbitrary code via a crafted URL. Severity is high (CVSS v3.1: 9.8, Critical; Network access, no user interaction). Affected product/ve...
CVE-2022-31491
CVE-2022-31491 affects Voltronic Power ViewPower (<= 1.04-24215), ViewPower Pro (<= 2.0-22165), and PowerShield Netguard ( 1.04-24215, ViewPower Pro > 2.0-22165, Netguard >= 1.04-23292); multiple advisories (CISA ICS, Red Hat, NVD) corroborate the vulnerability. If available, PoC/Expl...
CVE-2025-8913
Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server...
CVE-2025-25256
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute...
CVE-2025-25256
Fortinet FortiSIEM contains an OS command injection (CWE-78) vulnerability that allows an unauthenticated attacker to execute arbitrary commands via crafted CLI requests. Affected versions span FortiSIEM 6.1–6.7, 7.0–7.3 (specifically 7.0.0–7.0.3, 7.1.0–7.1.7, 7.2.0–7.2.5, 7.3.0–7.3.1) with fixed...
Exploit for Code Injection in Xwiki
CVE-2025-24893 XWiki Unauthenticated Remote code execution POC...
Lantronix Provisioning Manager XML External Entity Injection Vulnerability
Lantronix Provisioning Manager is a software for gateway configuration and firmware updates from Lantronix USA. Lantronix Provisioning Manager suffers from an XML External Entity Injection vulnerability that arises from a network system or product that does not have the correct filters set to all...
Lantronix Provisioning Manager Code Issue Vulnerability
Lantronix Provisioning Manager is a software for gateway configuration and firmware updates from Lantronix USA. Lantronix Provisioning Manager suffers from an XML External Entity Injection vulnerability that arises from a network system or product that does not have the correct filters set to all...