Lucene search
K

45044 matches found

GithubExploit
GithubExploit
added 2025/12/04 4:55 p.m.179 views

Exploit for CVE-2025-55182

Here is your ready-to-copy-paste README.md — clean, professional...

10CVSS7.8AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2025/12/04 4:49 p.m.219 views

Pentesting-Metasploitable2-SMB-Service

Metasploitable2 – SMB Vulnerability Exploitation 🚀 This proje...

7.6AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/12/04 3:6 p.m.2 views

SUSE CVE-2025-66399

Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters including newlines that are...

8.8CVSS6.8AI score0.10941EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/12/04 12:11 a.m.9 views

CVE-2025-65842

The Aquarius HelperTool 1.0.003 privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights...

5.1CVSS7.1AI score0.00141EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/04 12:11 a.m.5 views

CVE-2025-57200

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the testmail function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

6.5CVSS8.4AI score0.02088EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/12/04 12:11 a.m.10 views

CVE-2025-57201

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB server function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

8.8CVSS8.4AI score0.07135EPSS
Exploits2References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/04 12:0 a.m.5 views

Malicious code in elf-stats-festive-sparkler-275 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3adaeddf56adca42174e060e74d72cba7c7afff543772ffc7037f6329fe0359 The package elf-stats-festive-sparkler-275 was found to contain malicious code. Source: ghsa-malware...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.7 views

PT-2025-49131

Easywall 0.3.1 allows authenticated remote command execution via a command injection vulnerability in the /ports-save endpoint that suffers from a parameter injection flaw. Attackers can inject shell metacharacters to execute arbitrary commands on the server...

8.7CVSS8.4AI score0.01568EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/04 12:0 a.m.4 views

Easywall 参数注入漏洞

Easywall is a jpylypiw open source firewall software. A parameter injection vulnerability exists in Easywall version 0.3.1, which stems from a command injection in the /ports-save endpoint that could lead to the execution of arbitrary commands...

8.7CVSS7.6AI score0.01568EPSS
Exploits0References4
CVE
CVE
added 2025/12/04 12:0 a.m.13 views

CVE-2025-54306

Summary: CVE-2025-54306 affects Thermo Fisher Torrent Suite Django application 5.18.1. A remote code execution vulnerability arises from insufficient input validation in the network configuration flow accessed via /admin/network. User-controlled data is written to environment variables by Bash sc...

7.2CVSS8.2AI score0.00682EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-58098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd=...

8.3CVSS7.1AI score0.015EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/03 6:25 p.m.15 views

CVE-2025-66208 Configuration-Dependent RCE (OS Command Injection) in richdocumentscode proxy

Collabora Online - Built-in CODE Server richdocumentscode provides a built-in server with all of the document editing features of Collabora Online. In versions prior to 25.04.702, Collabora Online has a Configuration-Dependent RCE OS Command Injection in richdocumentscode proxy. Users of Nextclou...

9.2CVSS0.00948EPSS
Exploits0References1
OSV
OSV
added 2025/12/03 5:15 p.m.4 views

CVE-2025-65842

The Aquarius HelperTool 1.0.003 privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights...

5.1CVSS6AI score0.00141EPSS
Exploits1References1
NVD
NVD
added 2025/12/03 5:15 p.m.11 views

CVE-2025-65842

The Aquarius HelperTool 1.0.003 privileged XPC service on macOS contains multiple flaws that allow local privilege escalation. The service accepts XPC connections from any local process without validating the client's identity, and its authorization logic incorrectly calls AuthorizationCopyRights...

5.1CVSS0.00141EPSS
Exploits1References1
OSV
OSV
added 2025/12/03 5:15 p.m.2 views

MAL-2025-192244 Malicious code in hast-util-to-mdast9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fabf8dc58c17b065c6576e16228fa6dbe32f4944b01419821880c59edb28d012 The package hast-util-to-mdast9 was found to contain malicious code. Source: ghsa-malware...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/03 5:15 p.m.7 views

Malicious code in hast-util-to-mdast9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fabf8dc58c17b065c6576e16228fa6dbe32f4944b01419821880c59edb28d012 The package hast-util-to-mdast9 was found to contain malicious code. Source: ghsa-malware...

7AI score
Exploits0References1
CVE
CVE
added 2025/12/03 4:49 p.m.29 views

CVE-2025-34319

TOTOLINK N300RT devices with firmware older than V3.4.0-B20250430 are affected by an OS command injection in the Boa formWsc handling functionality (discovered in V2.1.8-B20201030.1539). The vulnerability allows an unauthenticated attacker to execute commands via the targetAPSsid request paramete...

9.3CVSS7.5AI score0.04163EPSS
Exploits0References3
NVD
NVD
added 2025/12/03 4:15 p.m.5 views

CVE-2025-57199

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

8.8CVSS0.0296EPSS
Exploits2References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/03 3:25 p.m.5 views

Malicious code in elf-stats-mulled-bauble-252 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b496322bb576fe2d9c78c8c2982cbbea3a84587c945d2f580c242e2256b0ef69 The package elf-stats-mulled-bauble-252 was found to contain malicious code. Source: ossf-package-analysis...

7.1AI score
Exploits0
OSV
OSV
added 2025/12/03 3:25 p.m.3 views

MAL-2025-191986 Malicious code in elf-stats-mulled-bauble-252 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b496322bb576fe2d9c78c8c2982cbbea3a84587c945d2f580c242e2256b0ef69 The package elf-stats-mulled-bauble-252 was found to contain malicious code. Source: ossf-package-analysis...

7AI score
Exploits0
Rows per page
Query Builder