11 matches found
CVE-2026-34808 Endian Firewall /cgi-bin/outgoingfw.cgi remark Stored Cross-Site Scripting
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/outgoingfw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
PT-2026-2660
Name of the Vulnerable Software and Affected Versions: Windows Kernel (affected versions not specified). Description: A time-of-check time-of-use (TOCTOU) race condition exists within the Windows Kernel Memory. This condition can be exploited by an authorized attacker to gain elevated privileges on a...
CVE-2025-53409
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...
CVE-2025-54111
Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally...
PT-2024-3601 · Microsoft · Windows Routing/Remote Access Service +1
Name of the Vulnerable Software and Affected Versions: Windows Routing and Remote Access Service (RRAS) (affected versions not specified). Description: The issue is related to numerical truncation errors in the Windows RRAS service, which can be exploited by a remote attacker to execute arbitrary...
ROS-20240409-12
A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code. An Eclipse Jetty servlet container vulnerability is related to errors in processi...
Huawei HarmonyOS and EMUI Data Confidentiality Vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel. Huawei EMUI (Emotion UI) is an operating system developed by Huawei based on Android. A data confidentiality vulnerability exists in Huawei...
Qi'anxin issues a high-risk Microsoft vulnerability warning, with Win10 as the main affected target - Vulnerability Warning - Black Bar Safety Net
Recently, the Qi'anxin Threat Intelligence Center released an announcement on a Microsoft Windows SMBv3 service remote code execution vulnerability. Notice that 3 on 11 May, the foreign company released a recent Microsoft security patch design vulnerability summary, which includes a threat level is...
FTP2FTP 1.0 - Arbitrary File Download
FTP2FTP 1.0 - Arbitrary File Download Exploit Title: FTP2FTP 1.0 - Arbitrary File Download Dork: N/A Date: 18.07.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/ftp2ftp-server-to-server-file-transfer-php-script/21972395 Version: 1.0 Category: Webapps...
Microsoft Windows jscript!NameTbl::GetValDef Use-After-Free Exploit
Exploit for windows platform in category dos / poc Windows: use-after-free in jscript!NameTbl::GetValDef CVE-2017-11903 There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - An attacker on the local network could exploit this...
Zen Cart 1.3.8 Remote Code Execution Exploit
No description provided by source. !/usr/bin/php ?php ------- Zen Cart 1.3.8 Remote Code Execution http://www.zen-cart.com/ Zen Cart Ecommerce - putting the dream of server rooting within reach of anyone! A new version 1.3.8a is avaible on http://www.zen-cart.com/ BlackH : errorreportingEALL ^...