CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Advanced Scanner !Pythonhttps://img.shields.i...

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell A scanner for detecting and exploiting Next.js...

CVE-2025-27020

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...

MAL-2025-192386 Malicious code in telcoo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c96937a82adce2ecc6628245fd858587131511b4145c04f577ec25d8fa846577 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...

CVE-2025-65882

OpenMPTCProuter flaw CVE-2025-65882 affects versions up to 0.64. The issue is located in common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c, in function create_xor_ipad_opad, potentially allowing an attacker to write arbitrary files or execute arbitrary commands. Documented impact is ...

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from improper input validation and could lead to arbitrary command execution...

OpenMPTCProuter 安全漏洞

OpenMPTCProuter is a TCP Internet connection software by the individual developer Ycarus Yannick Chabanois. A security vulnerability exists in OpenMPTCProuter version 0.64 and earlier versions, which originates from the possibility of writing arbitrary files or executing arbitrary commands...

PT-2025-50105

Name of the Vulnerable Software and Affected Versions NETGEAR Nighthawk routers versions 1.0.7.82 and earlier NETGEAR RAX54Sv2 versions before V1.1.6.36 NETGEAR RAX41v2 versions before V1.1.6.36 NETGEAR RAX50 versions before V1.2.14.114 NETGEAR RAXE500 versions before V1.2.14.114 NETGEAR RAX41...

CVE-2025-65882

An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function createxoripadopad allowing attackers to potentially write arbitrary files or execute arbitrary commands...

PT-2025-50216

Name of the Vulnerable Software and Affected Versions openmptcprouter versions through 0.64 Description An issue exists in openmptcprouter through version 0.64, specifically within the file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c and the create xor ipad opad function. This...

PHOENIX CONTACT FL SWITCH 安全漏洞

PHOENIX CONTACT FL SWITCH is an industrial grade Ethernet switch from PHOENIX CONTACT, Germany. A security vulnerability exists in PHOENIX CONTACT FL SWITCH versions prior to 3.50, which stems from the SSH feature that allows the execution of commands that may result in degraded performance of...

Linux Distros Unpatched Vulnerability : CVE-2025-2296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability in BIOS where an attacker may cause Improper Input Validation by local access. Successful exploitation of this vulnerability could...

NETGEAR多款产品 安全漏洞

NETGEAR Nighthawk is a series of wireless routers from NETGEAR. A security vulnerability exists in various NETGEAR products that stems from improper input validation for the speedtest feature, which could allow an attacker to use man-in-the-middle techniques to manipulate DNS responses and execut...

CVE-2025-27020

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...

CVE-2025-27020

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...

CVE-2025-27020 Improper configuration of SSH service in Infinera MTC-9

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...

CVE-2025-27020 Improper configuration of SSH service in Infinera MTC-9

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...

EUVD-2025-201700

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Next.js Exploit Tool 이 도구는 Next.js의 취약점CVE-20...