Oracle Linux 10 : ELSA-2025-20478-0: / zziplib (ELSA-2025-204780)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-204780 advisory. 0.13.78-2 - Fix directory traversal in unzip binary - Disable the CVE tests during the check phase - the reproducers for these are downloaded from the github...
FreeBSD : MongoDB -- Improper Validation of Specified Quantity in Input (ea64d2ec-ced4-11f0-a958-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ea64d2ec-ced4-11f0-a958-b42e991fc52e advisory. https://jira.mongodb.org/browse/SERVER-108565 reports: Inconsistent object size validation in time seri...
Malicious code in pulsecord (PyPI)
Source: kam193 025d4e33a2037fb9ad36cb4b08b122e4439bb4932b73ac6c6f403609e7e1c09e This package is prepared for silent execution of a malicious executable, with disabling AV protection. While there is no link to the malicious binary inside, t...
CVE-2025-57489
Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary...
EUVD-2025-200024
Heap-based Buffer Overflow, Out-of-bounds Write vulnerability in Avast Antivirus on MacOS of a crafted Mach-O file may allow Local Execution of Code or Denial of Service of antivirus protection. This issue affects Antivirus: from 15.7 before 3.9.2025...
Exploit for Out-of-bounds Read in Openssl
Cybersecurity Labs Portfolio This repository contain...
PT-2025-48483
Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary...
binary-exploitation-playground
Binary Exploitation Playground 🚩 This repository contains a collec...
CVE-2025-66266 Insecure SYSTEM Service Permissions in UPSilon2000V6.0 (RupsMon.exe) leading to trivial Local Privilege Escalation
The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; startin...
CVE-2025-13507
Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8...
Schneider Electric PowerChute Serial Shutdown Installed (Windows)
Binary data schneiderelectricpowerchuteserialshutdown.nbin...
Malicious code in @postman/pm-bin-windows-x64 (npm)
Source: amazon-inspector 02ae17f856e11e19fc956689bbc3e88c8de0052e0ea1017d2048d92f20bfa91b The package @postman/pm-bin-windows-x64 was found to contain malicious code. Source: google-open-source-security...
EUVD-2025-198920
Malicious code in @postman/pm-bin-macos-x64 npm...
EUVD-2025-198922
Malicious code in @postman/pm-bin-linux-x64 npm...
Malicious code in @postman/pm-bin-linux-x64 (npm)
Source: amazon-inspector 94045a09bfa0905195be4f028d9e42bcf608154a645b14b2028754dc6e787b80 The package @postman/pm-bin-linux-x64 was found to contain malicious code. Source: google-open-source-security...
postman-cli (>=1.16.0-canary.1 <=1.24.2) potentially affected by unknown CVE via @postman/pm-bin-linux-x64 (>=1.16.0-canary.1 <=1.24.2)
@postman/pm-bin-linux-x64 NPM version =1.16.0-canary.1, =1.16.0-canary.1, =1.24.2 Source cves: unknown CVE Source advisory: SNYK:JS-POSTMANPMBINLINUXX64-14103292...
Gladinet Triofox Installed (Windows)
Binary data gladinettriofoxwininstalled.nbin...
BASICS: Binary Analysis and Stack Integrity Checker System for Buffer Overflow Mitigation
Cyber-Physical Systems have played an essential role in our daily lives, providing critical services such as power and water, whose operability, availability, and reliability must be ensured. The C programming language, prevalent in CPS development, is crucial for system control where reliability...
EulerOS 2.0 SP13 : icu (EulerOS-SA-2025-2435)
According to the versions of the icu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A stack buffer overflow was found in International components for unicode ICU. While running the genrb binary, the 'subtag' struct overflowed at the...