RockyLinux 10 : golang (RLSA-2025:13941)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:13941 advisory. cmd/go: Go VCS Command Execution Vulnerability CVE-2025-4674 Tenable has extracted the preceding description block directly from the RockyLinux security advisor...

go-toolset:rhel8 security update

An update is available for module.go-toolset, golang, module.delve, go-toolset, module.golang, delve. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset...

CVE-2025-46571

CVE-2025-46571 affects Open WebUI prior to version 0.6.6. Low-privileged users could upload HTML files containing JavaScript via the backend endpoint /api/v1/files/, which returns a file id. An attacker could lure an admin to click a link to such a file, causing the JavaScript to execute in the a...

Dirty Pipe Privilege Escalation Vulnerability in Linux

CISA is aware of a privilege escalation vulnerability in Linux kernel versions 5.8 and later known as “Dirty Pipe” CVE-2022-0847. A local attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review CVE-2022-0847 and update to...

Honeywell Experion PKS和Honeywell Ace Controllers 注入漏洞

Honeywell Experion PKS and Honeywell Ace Controllers are both products of Honeywell, Inc. Honeywell Experion PKS is a process automation system. Honeywell Ace Controllers are used to execute Honeywell's Control Execution Environment Cee on a server-grade computer platform. Honeywell Ace Controlle...

EulerOS 2.0 SP8 : grub2 (EulerOS-SA-2021-1875)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in grub2 in versions prior to 2.06. Setparamprefix in the menu rendering code performs a length calculation on the assumption th...

Oracle Linux 8 : grub2 (ELSA-2021-0696)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0696 advisory. - Add CVE-2020-15706, CVE-2020-15707 to the list Orabug: 31225072 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVE-2020-27749

A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...

Microsoft Windows DrawIconEx Local Privilege Escalation Exploit

This Metasploit module exploits CVE-2020-1054, an out of bounds write reachable from DrawIconEx within win32k. The out of bounds write can be used to overwrite the pvbits of a SURFOBJ. By utilizing this vulnerability to execute controlled writes to kernel memory, an attacker can gain arbitrary co...

Honeywell Experion C300 Controller

Binary data 764917.prm...

Honeywell Experion C300 Controller

Binary data 764916.prm...

Honeywell C200 Controller Module

Binary data 764872.prm...

CVE-2018-6668 Bypass Application Control with simple DLL

A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows execution bypass, for example, with simple DLL through interpreters such as PowerShell...

Microsoft Outlook 2016 Multiple Vulnerabilities (KB4461506)

This host is missing an important security update according to Microsoft KB4461506. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Novell NetMail <= 3.52d IMAP APPEND Buffer Overflow

No description provided by source. $Id: novellnetmailappend.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

mIRC IRC URL Buffer Overflow

No description provided by source. $Id: mircircurl.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Sync Breeze Server 2.2.30 - Remote Buffer Overflow Exploit

No description provided by source. !/usr/bin/python Exploit Title: Sync Breeze Server v2.2.30 Remote BOF Exploit Date: 10/10/2010 Author: Xsploited Security aka xsploitedsec URL: http://www.x-sploited.com/ Contact: xsploitedsecurity at x-sploited.com Software Link:...

Ipswitch IMail Server - IMAP SEARCH Buffer Overflow (Metasploit)

$Id: ipswitchsearch.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

phpMyFAQ 1.6.7 - SQL Injection Command Execution

phpMyFAQ 1.6.7 - SQL Injection Command Execution !/usr/bin/php5-cgi -q " localhost:4001 [email protected] / function doupload$baseurl, $proxy, $cmd $fp = fopen"kebab.php", "w"; if!$fp die"Cannot open file for writing"; $code = "Un1q" . $cmd . ""; fwrite$fp, $code; fclose$fp; $sendvars"aktion"...