EUVD-2026-36553

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, it is possible to inject commands within the subshell through kitty error. A special escape code will make kitty return an error, this error is not escaped and will be correctly echoed back to the terminal with CRLF, as su...

EUVD-2022-2514

Malicious code in bioql PyPI...

EUVD-2022-5572

Malicious code in bioql PyPI...

EUVD-2022-4002

Malicious code in bioql PyPI...

EUVD-2022-4899

Malicious code in bioql PyPI...

EUVD-2022-1895

Malicious code in bioql PyPI...

CVE-2019-10293

A missing permission check in Jenkins Kmap Plugin in KmapJenkinsBuilder.DescriptorImpl form validation methods allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

CVE-2019-1003099

A missing permission check in Jenkins openid Plugin in the OpenIdSsoSecurityRealm.DescriptorImpldoValidate form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

CVE-2025-47886

A cross-site request forgery CSRF vulnerability in Jenkins Cadence vManager Plugin 4.0.1-286.v9e25a740ba48 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password...

Jenkins Extended Choice Parameter Plugin 权限许可和访问控制问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Extended Choice Parameter Plugin is vulnerable to a permission...

Windows Inject Reflective PE Files, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

Windows Inject PE Files, Reverse All-Port TCP Stager

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

CVE-2019-1326

A denial of service vulnerability exists in Remote Desktop Protocol RDP when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol RDP Denial of Service Vulnerability'...

Windows Meterpreter Shell, Reverse HTTPS Inline (x64)

Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 204892 include Msf::Payload::TransportConf...