253 matches found
CVE-2020-24315
Vinoj Cardoza WordPress Poll Plugin v36 and lower executes SQL statement passed in via the pollid POST parameter due to a lack of user input escaping. This allows users who craft specific SQL statements to dump the entire targets database...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992792)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992792 advisory. In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992444)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992444 advisory. In the Linux kernel, the following vulnerability has been resolved: net: genl: fix error path memory leak in policy dumping If construction of the array of policies...
📄 HP ProCurve 4.00 Credential Disclosure
Proof of concept code that performs a credential dumping attack against vulnerable HP ProCurve SNAC systems. ============================================================================================================================================= | Title : HP ProCurve 4.00 Credential Dumping...
HackTheBox-Penetration-Testing-Methodology
HackTheBox Penetration Testing Methodology by 9mmpterodacty...
PT-2025-50496
Name of the Vulnerable Software and Affected Versions ESP32 affected versions not specified Description An enabled UART download mode on the ESP32 chip allows an attacker to extract sensitive data from the flash memory, including Wi-Fi network details stored in the NVS partition. This access also...
DEBIAN-CVE-2025-62491
A Use-After-Free UAF vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises ts-rejectedpromiselist. The function jsstdpromiserejectioncheck attempts to iterate over the rejectedpromiselist to report unhandled rejections usi...
CVE-2025-62491
A Use-After-Free UAF vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises ts-rejectedpromiselist. The function jsstdpromiserejectioncheck attempts to iterate over the rejectedpromiselist to report unhandled rejections usi...
CVE-2025-62491
A Use-After-Free UAF vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises ts-rejectedpromiselist. The function jsstdpromiserejectioncheck attempts to iterate over the rejectedpromiselist to report unhandled rejections usi...
CVE-2025-62491
The CVE-2025-62491 entry concerns a Use-After-Free (UAF) in the QuickJS engine’s standard library. The vulnerability occurs in js_std_promise_rejection_check when iterating the global rejected_promise_list; during error reporting, rp->reason may be an Error with a custom property getter, and e...
CVE-2023-53684
Summary (CVE-2023-53684) in the Linux kernel's xfrm subsystem, the patch fixes a padding issue when copying data to user space. Specifically, zero padding is now used when dumping xfrm algorithms and the encap template in xfrm_user, preventing potentially sensitive padding data from being exposed...
CVE-2023-53684
In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random possibly sensitve data and should never be give...
EUVD-2018-2050
Malware in sbrugna...
EUVD-2017-14671
Malware in sbrugna...
EUVD-2017-14954
Malware in sbrugna...
EUVD-2023-35736
Malicious code in bioql PyPI...
EUVD-2022-55313
Malicious code in bioql PyPI...
EUVD-2025-32190
Malicious code in bioql PyPI...
EUVD-2022-51968
Malicious code in bioql PyPI...
PT-2025-39453
Name of the Vulnerable Software and Affected Versions Flock Safety Bravo Edge AI Compute Device version BRAVO 00.00 local 20241017 Description The Flock Safety Bravo Edge AI Compute Device allows attackers with physical access to flash arbitrary firmware, dump partitions, and bypass bootloader an...