[SECURITY] Fedora 42 Update: gdu-5.32.0-1.fc42

Fast disk usage analyzer with console interface written in Go...

CVE-2025-60856

CVE-2025-60856 affects Reolink Video Doorbell WiFi DB_566128M5MP_W via an unsecured UART/serial console that can grant root shell access with physical access. The vulnerability arises from exposed interface allowing arbitrary command execution as root; implications include complete device comprom...

EUVD-2021-29299

Malicious code in bioql PyPI...

metasploit-framework

This is an offensive tool for penetration testing. It is the Metasploit Framework, a comprehensive platform for developing and executing exploits. The framework is written in Ruby and provides a wide range of features for penetration testing, including exploit development, vulnerability scanning,...

CVE-2021-42324

An issue was discovered on DCN Digital China Networks S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell...

PT-2024-2628 · Cisco · Cisco Ucs 6400 Series Fabric Interconnects +1

Name of the Vulnerable Software and Affected Versions: Cisco UCS 6400 and 6500 Series Fabric Interconnects affected versions not specified Description: The issue is related to insufficient rate-limiting of TCP connections, which could allow an unauthenticated, remote attacker to cause a denial of...

CVE-2023-33921

A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05, CP-8050 MASTER MODULE All versions CPCI85 V05. The affected devices contain an exposed UART console login interface. An attacker with direct physical access could try to bruteforce or crack the root password to...

K37283878: Intel I210 network adapter vulnerability CVE-2020-0522

Security Advisory Description Improper initialization in the firmware for the IntelR Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via local access. CVE-2020-0522 Impact The BIG-IP management network por...

CVE-2022-30543

A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to execution of privileged operations. An attacker can send a sequence of requests to trigger this vulnerability...

GHSA-9W4V-9C99-HV7R Mattermost Server exposes sensitive information via its System Console UI

An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information credential fields within config.json via the System Console UI...

Design/Logic Flaw

An issue was discovered on DCN Digital China Networks S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell...

Digital China Networks S4600-10P-SI 操作系统命令注入漏洞

The Digital China Networks S4600-10P-SI is a switch from Digital China Networks Beijing Co. A security vulnerability exists in DCN Digital China Networks S4600-10P-SI versions prior to R0241.0470, which stems from incorrect validation of parameters in the console interface. An authenticated,...

Mattermost Server Information Disclosure Vulnerability (CNVD-2020-35329)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server versions prior to 3.0.0. The vulnerability can be exploited to obtain sensitive information credentials field in config.json through the system...

Bing-Ip2Hosts - Bingip2Hosts Is A Bing.com Web Scraper That Discovers Websites By IP Address

Bing-ip2hosts is a Bing.com web scraper to discover hostnames by IP address. Description Bing-ip2hosts is a Bing.com web scraper that discovers hostnames by IP address. Bing is the flagship Microsoft search engine formerly known as MSN Search and Live Search. It provides a feature unique to searc...

BYOB - Build Your Own Botnet

BYOB Build Your Own Botnet Disclaimer : This project should be used for authorized testing or educational purposes only. BYOB is an open-source project that provides a framework for security researchers and developers to build and operate a basic botnet to deepen their understanding of the...

metasploit-framework

This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to exploit a vulnerability in a specific target, but the target is not specified in the provided code. The module is written in Ruby and uses the Metasploit framework to interact with the...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in console interface scripts in Symantec Endpoint Protection Manager SEPM 12.1 before RU5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-3312

The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435...

CVE-2009-2316

Multiple cross-site scripting XSS vulnerabilities in IBM Tivoli Identity Manager ITIM 5.0 allow remote attackers to inject arbitrary web script or HTML by entering an unspecified URL in 1 the self-service UI interface or 2 the console interface. NOTE: it was later reported that 4.6.0 is also...