251 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: add a check for dpuplaneatomicprintstate to ensure valid sspp. Similar to the rpipe sspp protection, a check is added to prevent printing of the pipe’s state when it is dumped without a corresponding atomiccheck,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: genl: Fixed a memory leak in the error path during policy dumping. If the construction of the policy array fails when recording non-first policies, we need to unwind the situation. The netlinkpolicydumpaddpolicy function...
Eternalblue-ms17-010-lab
01-EternalBlue-MS17-010-README.mdhttps://github.com/user-atta...
hdd-toolkit
HDD Firmware Toolkit A comprehensive Python toolkit for dumpi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dell-wmi-sysman: Do not perform hex dumping of plaintext password data. The setnewpassword function performs hex dumping of the entire buffer, which contains plaintext password data, including current and new...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013071)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013071 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhostworker will call tun call...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007276)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007276 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhostworker will call tun call...
CVE-2026-23412 netfilter: bpf: defer hook memory release until rcu readers are done
In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlinkhooks: BUG: KASAN: slab-use-after-free in nfnlhookdumpone.isra.0+0xe71/0x10f0 Read...
CVE-2026-34553
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a defect in LUT dump/iteration logic affecting CIccCLUT::Iterate and output produced by CIccMBB::Describe via CLUT dumping. This issue has been patched in version 2.3.1....
CVE-2026-34547
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, an Undefined Behavior UB condition in IccUtil.cpp can be triggered by a crafted ICC profile when running iccDumpProfile. This issue has been patched in version 2.3.1.6...
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.-based individuals searching for tax-related documents to serve rogue installers for ConnectWise ScreenConnect that drop a tool named HwAudKiller to blind security programs using the bring your own...
Exploit for Allocation of Resources Without Limits or Throttling in Espressif Esp-Idf
CVE-2024-51428 - ZoneMinder Blind SQL Injection PoC Python wr...
injectproof
InjectProof The SQL injection scanner that finds what sqlma...
System-Exploitation-Privilege-Escalation
System Exploitation & Privilege Escalation Lab 📄 Project O...
CVE-2026-Termius
Termius macOS Application Vulnerability Report CVE-2026-Termi...
CVE-2022-26283
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the viewplan endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests...
CVE-2022-26285
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests...
CVE-2022-26284
Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the manageclient endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests...
CVE-2020-24315
Vinoj Cardoza WordPress Poll Plugin v36 and lower executes SQL statement passed in via the pollid POST parameter due to a lack of user input escaping. This allows users who craft specific SQL statements to dump the entire targets database...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992792)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992792 advisory. In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies...