CVE-2026-33026

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui backup restore mechanism allows attackers to tamper with encrypted backup archives and inject malicious configuration during restoration. This issue has been patched in version 2.3.4...

CVE-2026-33026

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui backup restore mechanism allows attackers to tamper with encrypted backup archives and inject malicious configuration during restoration. This issue has been patched in version 2.3.4...

CVE-2026-32808

pyLoad is a free and open-source download manager written in Python. Versions before 0.5.0b3.dev97 are vulnerable to path traversal during password verification of certain encrypted 7z archives encrypted files with non-encrypted headers, causing arbitrary file deletion outside of the extraction...

EUVD-2026-13435

pyLoad is a free and open-source download manager written in Python. Versions before 0.5.0b3.dev97 are vulnerable to path traversal during password verification of certain encrypted 7z archives encrypted files with non-encrypted headers, causing arbitrary file deletion outside of the extraction...

Milner ImageDirector Capture security vulnerability

Milner ImageDirector Capture is a document collection and digital asset management software developed by the American company Milner. Versions of Milner ImageDirector Capture from 7.0.9.0 to 7.6.3.25808 had security vulnerabilities. These vulnerabilities stemmed from the use of default credential...

Cisco Firepower Threat Defense Software Encrypted Archive File Policy Bypass (cisco-sa-ftd-archive-bypass-z4wQjwcN)

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a...

APTSimulator

This is a toolset for simulating an APT Advanced Persistent Threat attack on a Windows system. The tool, called APT Simulator, is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised. It is designed to be simple and easy to use, requiring...

CVE-2024-20261

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a...

New Chrome Feature Scans Password-Protected Files for Malicious Content

Google said it's adding new security warnings when downloading potentially suspicious and malicious files via its Chrome web browser. "We have replaced our previous warning messages with more detailed ones that convey more nuance about the nature of the danger and can help users make more informe...

CVE-2024-20261

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a...

Cisco Firepower Threat Defense 安全漏洞

Cisco Firepower Threat Defense FTD is a suite of unified software that provides next-generation firewall services from the U.S. company Cisco. A security vulnerability exists in Cisco Firepower Threat Defense Software version 1.0 that originates from a logic error when examining a specific class ...

NUUO NVRmini2访问控制错误漏洞

NUUO NVRMini2 is a small network DVR device from NUUO, Taiwan, China. The NUUO NVRmini2 suffers from an authorization issue vulnerability that can be exploited by attackers to upload encrypted TAR archives...

APTSimulator - A toolset to make a system look as if it was the victim of an APT attack

APT Simulator is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised. Use Cases 1. POCs: Endpoint detection agents / compromise assessment tools 2. Test your security monitoring's detection capabilities 3. Test your SOCs response on a...

RarCrack 0.2 - 'Filename init() .bss' (PoC)

The software can be downloaded here: http://rarcrack.sourceforge.net/ Author: stoke Date: 2010-09-20 Download: http://rarcrack.sourceforge.net/ Tested on: Backtrack 4 Site: http://devilcode.it | http://hack2web.altervista.org Special greetz to: nex, for reassure me when i sayed "WHY EIP IT'S NOT...

afio.pgp.txt

Date: Fri, 11 Jun 1999 16:55:30 -0000 From: [email protected] To: [email protected] Subject: fwd SECURITY: afio: security hole in 'afio -P pgp' encrypted archives Hello, Just found it on comp.os.linux.announce. Sorry if it was already on the list. cezar -----BEGIN PGP SIGNED MESSAGE----- I belie...