PT-2025-54005

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-rc1-gde5e8fd0123c 11 Description The mptcp protocol could run a worker when the associated socket was in an unexpected state, specifically during a connect operation following an incoming reset and fastclos...

waitress: Waitress has a denial of service leading to high CPU usage/resource exhaustion

A flaw was found in the Waitress WSGI server for Python. When a remote client closes the connection before waitress has had the opportunity to call getpeername, waitress will incorrectly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, and...

CVE-2024-26625

In the Linux kernel, the following vulnerability has been resolved: llc: call sockorphan at release time syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In commit ff7b11aa481f "net: socket: set sock-sk to NULL after calling protoops::release" Eric...

VNC Server (Reflective Injection), Hidden Bind Ipknock TCP Stager

Inject a VNC Dll via a reflective loader staged. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcode from any IP. The socket wil...