CVE-2021-0616

In ape extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561389; Issue ID: ALPS05561389...

EUVD-2019-18848

Malware in sbrugna...

EUVD-2021-3241

Malicious code in bioql PyPI...

EUVD-2021-3585

Malicious code in bioql PyPI...

CVE-2025-8931

A vulnerability was determined in code-projects Medical Store Management System 1.0. Affected is an unknown function of the file ChangePassword.java. The manipulation of the argument newPassTxt leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to...

CVE-2019-13318

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

CVE-2025-4270

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to informatio...

CVE-2024-11484

CVE-2024-11484 affects Code4Berry Decoration Management System 1.0. The vulnerability arises from manipulation of the parameter productimage1 in the file /decoration/admin/update_image.php (User Image Handler), leading to improper access controls. It is exploitable remotely and has publicly discl...

CVE-2024-10993 Codezips Online Institute Management System manage_website.php unrestricted upload

A vulnerability, which was classified as critical, was found in Codezips Online Institute Management System 1.0. Affected is an unknown function of the file /managewebsite.php. The manipulation of the argument websiteimage leads to unrestricted upload. It is possible to launch the attack remotely...

CVE-2024-8580

A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861B20230220. This vulnerability affects unknown code of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can be initiated remotely. The complexity of an attack is rather...

CVE-2024-1431 Netgear R7000 Web Management Interface debuginfo.htm information disclosure

A vulnerability was found in Netgear R7000 1.0.11.13610.2.120 and classified as problematic. Affected by this issue is some unknown functionality of the file /debuginfo.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed ...

CVE-2022-45103

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system...

Helpful < 4.5.26 - Information Disclosure

The plugin puts the exported logs and feedbacks in a publicly accessible location and guessable names, which could allow attackers to download them and retrieve sensitive information such as IP, Names and Email Address depending on the plugin's settings After an admin export logs via...

Backdoor.Win32.Cabrotor.10.d MVID-2022-0612 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/40acf109fa9621eae6930ef18f804909.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Cabrotor.10.d Vulnerability: Unauthenticated Remote Command Execution...

SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure Exploit

Exploit for hardware platform in category web applications Exploit Title: SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://secu.jp/ Product Link: https://secu.jp/support/831.html CVE: N/A !/usr/bin/perl SecuSTATION SC-831 HD Camer...

DBPower C300 HD Camera - Remote Configuration Disclosure Exploit

Exploit for hardware platform in category web applications Exploit Title: DBPower C300 HD Camera - Remote Configuration Disclosure Author: Todor Donev Vendor: https://donev.eu/ CVE: N/A Copyright 2020 c Todor Donev https://donev.eu/ https://donev.eu/blog/dbpower-c300-multiple-vulnerabilities...

CVE-2019-9335

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112328051...

Node.js 8.5.0 Path Traversal File Disclosure

File disclosure vulnerability in Node.js Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

RAVPower 2.000.056 - Memory Disclosure Exploit

Exploit for hardware platform in category dos / poc """ Exploit Title: RAVPower - remote stack disclosure Date: 22/01/2018 Exploit Author: Daniele Linguaglossa Vendor Homepage: https://www.ravpower.com/ Software Link: https://www.ravpower.com/ Version: 2.000.056 Tested on: OSX CVE : CVE-2018-5319...

wordpress plugin FancyBox admin-head.php physical path disclosure vulnerability

No description provided by source...