Lyussfyuring002

lyussfyuring002 web exploitation + OSINT toolkit for people...

Exploit for Argument Injection in Phpmailer_Project Phpmailer

MediCare Portal Intentionally vulnerable healthcare patient...

CVE-2026-25828

grub-btrfs through 2026-01-31 on Arch Linux and derivative distributions allows initramfs OS command injection because it does not sanitize the $root parameter to resolvedevice. NOTE: a third party reports "exploitation may not be feasible under normal conditions and may depend on specific...

CVE-2026-25828

grub-btrfs through 2026-01-31 on Arch Linux and derivative distributions allows initramfs OS command injection because it does not sanitize the $root parameter to resolvedevice. NOTE: a third party reports "exploitation may not be feasible under normal conditions and may depend on specific...

CVE-2026-25828

grub-btrfs through 2026-01-31 on Arch Linux and derivative distributions allows initramfs OS command injection because it does not sanitize the $root parameter to resolvedevice. NOTE: a third party reports "exploitation may not be feasible under normal conditions and may depend on specific...

PT-2026-7909

grub-btrfs through 2026-01-31 on Arch Linux and derivative distributions allows initramfs OS command injection because it does not sanitize the $root parameter to resolve device...

CVE-2026-25828

grub-btrfs through 2026-01-31 on Arch Linux and derivative distributions allows initramfs OS command injection because it does not sanitize the $root parameter to resolvedevice. NOTE: a third party reports "exploitation may not be feasible under normal conditions and may depend on specific...

Exploit for CVE-2026-25828

CVE-2026-25828 - Command Injection in grub-btrfs initramfs hoo...

Periodic Script Persistence

This module will achieve persistence by writing a script to the /etc/periodic directory. According to The Art of Mac Malware no such malware species persist in this manner 2024. This payload requires root privileges to run. This module can be run on BSD, OSX or Arch Linux. Module Options msf use...

EUVD-2023-28637

Malicious code in bioql PyPI...

ImageMagick has a Heap Buffer Overflow in InterpretImageFilename

Heap Buffer Overflow in InterpretImageFilename Summary A heap buffer overflow was identified in the InterpretImageFilename function of ImageMagick. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs...

[ASA-202506-5] konsole: arbitrary code execution

Arch Linux Security Advisory ASA-202506-5 ========================================= Severity: High Date : 2025-06-11 CVE-ID : CVE-2025-49091 Package : konsole Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2897 Summary ======= The package konsole before...

[ASA-202506-2] curl: denial of service

Arch Linux Security Advisory ASA-202506-2 ========================================= Severity: Low Date : 2025-06-05 CVE-ID : CVE-2025-5399 Package : curl Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2895 Summary ======= The package curl before version 8.14.1-1 i...

[ASA-202505-12] go: directory traversal

Arch Linux Security Advisory ASA-202505-12 ========================================== Severity: Low Date : 2025-05-19 CVE-ID : CVE-2025-22873 Package : go Type : directory traversal Remote : No Link : https://security.archlinux.org/AVG-2878 Summary ======= The package go before version 2:1.24.3-1...

Security update for build

This update for build fixes the following issues: - CVE-2024-22038: Fixed DoS attacks, information leaks with crafted Git repositories bnc1230469 Other fixes: - Fixed behaviour when using "--shell" aka "osc shell" option in a VM build. Startup is faster and permissions stay intact now. fixes for...

World Writable Directory in /var/log/below Allows Local Privilege Escalation

Below is a tool for recording and displaying system data like hardware utilization and cgroup information on Linux. Symlink Attack in /var/log/below/errorroot.log Below's systemd service runs with full root privileges. It attempts to create a world-writable directory in /var/log/below. Even if th...

Linux Distros Unpatched Vulnerability : CVE-2024-46733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix qgroup reserve leaks in cowfilerange In the buffered write path, the dirty page owns the qgroup reserve until it creates an orderedextent. Therefore,...

CVE-2024-36281 net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use mlx5ipsecrxstatusdestroy to correctly delete status rules rxcreate no longer allocates a modifyhdr instance that needs to be cleaned up. The mlx5modifyheaderdealloc call will lead to a NULL pointer dereference. A le...

Sttr - Cross-Platform, Cli App To Perform Various Operations On String

sttr is command line software that allows you to quickly run various transformation operations on the string. // With input prompt sttr // Direct input sttr md5 "Hello World" // File input sttr md5 file.text sttr base64-encode image.jpg // Reading from different processor like cat, curl, printf...

Backdoored XZ Utils (CVE-2024-3094)

On Friday, March 29, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used command line tool XZ Utils liblzma. The backdoor, added by an...