HTTPS Fetch, Windows Meterpreter Shell, Reverse HTTP Inline

Fetch and execute an x86 payload from an HTTPS server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/https/x86/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf...

EUVD-2026-1178

Quarkus is a Cloud Native, Linux Container First framework for writing Java applications. Prior to versions 3.31.0, 3.27.2, and 3.20.5, a vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits for previously writt...

Konica Bizhub Multifunction Printers Cross-site Scripting (CVE-2025-5884)

Cross-site scripting vulnerability CWE94, CWE-79 was found in the specific input fields of the Web Connection. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504858; scriptversion"1.2"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/02/20";...

Konica Bizhub Multifunction Printers Cross-site Request Forgery (CVE-2025-5885)

Cross-site request forgery vulnerability CWE-352, CWE-862 was found in the Web Connection. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504861; scriptversion"1.2"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/02/20";...

Konica Bizhub Multifunction Printers Uncaught Exception (CVE-2025-54777)

Importing a malformed file in Registration of Certification Information for S/MIME for Email Destination causes the Web Connection to stop. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504856; scriptversion"1.2";...

EUVD-2025-26179

Malicious code in bioql PyPI...

Denial-of-service (DoS) vulnerability in Konica Minolta bizhub series

Overview A vulnerability that could allow a Denial-of-Service DoS is reported in the Konica Minolta bizhub series. Konica Minolta bizhub series provided by Konica Minolta, Inc. contains the following vulnerability. Uncaught exception CWE-248 - CVE-2025-54777 Konica Minolta, Inc. reported this...

CVE-2025-54777

Uncaught exception issue exists in Multiple products in bizhub series. If a malformed file is imported as an S/MIME Email certificate, it may cause a denial-of-service issue that disable the Web Connection feature...

CVE-2025-54777

Uncaught exception issue exists in Multiple products in bizhub series. If a malformed file is imported as an S/MIME Email certificate, it may cause a denial-of-service issue that disable the Web Connection feature...

CVE-2025-54777

CVE-2025-54777 affects Konica Minolta bizhub series. An uncaught exception in processing S/MIME Email certificates can trigger a DoS that disables the Web Connection feature. The issue is reported across multiple bizhub products; vulnerable component is the S/MIME handling during certificate impo...

CVE-2025-54777

Uncaught exception issue exists in Multiple products in bizhub series. If a malformed file is imported as an S/MIME Email certificate, it may cause a denial-of-service issue that disable the Web Connection feature...

CVE-2025-54777

Uncaught exception issue exists in Multiple products in bizhub series. If a malformed file is imported as an S/MIME Email certificate, it may cause a denial-of-service issue that disable the Web Connection feature...

PT-2025-35192

Name of the Vulnerable Software and Affected Versions: bizhub series affected versions not specified Description: An uncaught exception issue exists that may cause a denial-of-service by disabling the Web Connection feature when a malformed file is imported as an S/MIME Email certificate...

Multiple vulnerabilities in Web Connection of Konica Minolta MFPs

Overview Multiple MFPs multifunction printers provided by Konica Minolta, Inc. contain multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2025-5884 Cross-site request forgery CWE-352 - CVE-2025-5885 Konica Minolta, Inc. reported these vulnerabilities to JPCERT/CC to notify...

Unable to Connect the Secure Web with the Error "Cannot open page"

Unable to open the internal pages from Secure Web. Error"Cannot open page"is displayed...

Mozilla: Use-after-free in WebRTC certificate generation

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS...

ISC BIND 缓冲区错误漏洞

ISC BIND is the United States ISC company's set of open source software that implements the DNS protocol. ISC BIND suffers from a buffer overflow vulnerability that originates when reusing an HTTP connection to request statistics from the stats channel, where the length of the contents of...

LibreOffice encryption problem vulnerability

LibreOffice is an open source office software suite from The Document Foundation tdf. The product includes applications such as Writer text documents, Calc spreadsheets, and Impress presentations.LibreOffice is vulnerable to an encryption problem that stems from LibreOffice using weak...

Design/Logic Flaw

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...

LibreOffice 安全特征问题漏洞

LibreOffice is an open source office software suite from The Document Foundation tdf. The product includes applications such as Writer text documents, Calc spreadsheets, and Impress presentations.LibreOffice is vulnerable to an encryption problem that stems from LibreOffice using weak...