16 matches found
Exploit for CVE-2025-34085
📌 CVE-2025-34085 — Simple File List WordPress Plugin RCE 📌...
CVE-2025-23170
The Versa Director SD-WAN orchestration platform includes functionality to initiate SSH sessions to remote CPEs and the Director shell via Shell-In-A-Box. The underlying Python script, shell-connect.py, is vulnerable to command injection through the user argument. This allows an attacker to execu...
Linux Distros Unpatched Vulnerability : CVE-2024-38625
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Check 'folio' pointer for NULL It can be NULL if bmap is called. CVE-2024-38625 Note that Nessus relies on the presence of the package as reported by...
Linux Distros Unpatched Vulnerability : CVE-2021-44502
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can control the size of a memset that...
Linux Distros Unpatched Vulnerability : CVE-2021-20316
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata,...
Linux Distros Unpatched Vulnerability : CVE-2020-14416
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka...
Linux Distros Unpatched Vulnerability : CVE-2017-7186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service segmentation violation for read access, and application...
Linux Distros Unpatched Vulnerability : CVE-2020-12655
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via a...
Linux Distros Unpatched Vulnerability : CVE-2020-14060
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to...
CVE-2024-42450
CVE-2024-42450 affects Versa Networks Versa Director, where the Postgres database is configured by default to listen on all network interfaces and uses a common password across installations, creating an unauthenticated access risk to the database and potential filesystem reads for privilege esca...
CVE-2024-10012
creationtimestamp | type | source
---|---|---
2024-11-13 15:22:47+00:00 | seen | https://infosec.exchange/users/cve/statuses/113476328941856460
2024-11-13 15:26:05+00:00 | seen | https://infosec.exchange/users/cve/statuses/113476341924743299
2024-11-13 18:04:07+00:00 | seen | https://t.me/cvedetector/108...
Effective Vulnerability Management with Stakeholder Specific Vulnerability Categorization (SSVC) and Qualys TruRisk
Security stakeholders across the globe have long relied on the Common Vulnerability Scoring System (CVSS) to prioritize vulnerabilities and assess their risk posture. The reason why the CVSS has become the standard for many security and vulnerability management teams alike is that this method is ea...
CISA Releases SSVC Methodology to Prioritize Vulnerabilities
Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization (SSVC), a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts to safety, and prevalence of the affected product in a singular...
UBUNTU-CVE-2019-25042
Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
CVE-2017-9232
creationtimestamp | type | source
---|---|---
2018-02-12 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/44023
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/jujurunagentprivesc.rb
2025-02-06 03:13:43+00:00 | ...