12 matches found
CVE-2023-53621
CVE-2023-53621: Linux kernel memcg/memcontrol bug could cause a NULL pointer dereference during eviction if the memcg retrieved by the stored id is not the original one. Impact is local, with a high base score (7.8) and local access required. The issue stems from eviction recency checks in mem_cg...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813 – Apache Tomcat RCE Exploit Description ---------...
DEBIAN-CVE-2025-37952
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix UAF in __close_file_table_ids A use-after-free is possible if one thread destroys the file via __ksmbd_close_fd while another thread holds a reference to it. The existing checks on fp->refcount are not sufficient to prevent this...
GL.iNet AR300M 3.216 Remote Code Execution
!/usr/bin/env python3 Exploit Title: GL.iNet = 3.216 Remote Code Execution via OpenVPN Client Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...
kernel: scsi: target: core: Avoid smp_processor_id() in preemptible code
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Avoid smp_processor_id() in preemptible code The BUG message "BUG: using smp_processor_id() in preemptible [00000000] code" was observed for TCMU devices with kernel config DEBUG_PREEMPT. The message was observed when...
Telebix - An Application That Communicates With A Bot On The Telegram To Receive Commands And Send Information From An Infrastructure Monitored By Zabbix
Telebix is an application that communicates with a Bot on the Telegram to receive commands and send information from an infrastructure monitored by Zabbix, which also sends messages in real time if any problems occur in the infrastructure, it is totally written in Python with Shell Script and has...
PHPCMS 'phpcms\modules\member\index.php ' Arbitrary Password Reset Vulnerability
PHPCMS is a website management software. The software adopts modular development and supports a variety of classification methods, using it can easily realize the design, development and maintenance of personalized websites. PHPCMS 'phpcms\modules\member\index.php ' has an arbitrary password rese...
Shopify: Force 500 Internal Server Error on any shop (for one user)
There is very strange behavior. If a user opens URLs like the ones below: - https://whashp.myshopify.com/?previewthemeid=11288717 - or https://lmfshp.myshopify.com/?previewthemeid=11290937 he gets redirected to the shop https://whashp.myshopify.com/ with a 500 Internal Server Error response, and reloading does not help i...
AlstraSoft E-Friends <= 4.21 Admin Session Retrieve Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo AlstraSoft E-Friends = 4.21 Admin Session Retrieve Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love ; if $argc2 echo Usage: php .$argv0...
phpEventCalendar <= 0.2.3 (eventdisplay.php) SQL Injection Exploit
No description provided by source. !/usr/bin/perl Vendor url: www.ikemcg.com require LWP::UserAgent; print phpEventCalendar = v0.2.3 SQL Injection Exploit By Iron - ironwarez.info Thanks to Silentz for the help : Greets to everyone at RootShell Security Group & dHack Example target url:...
MyBB Member.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14684/info MyBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Successful exploitation could result in a compromise of the...
Peer2Mail 1.4 - Encrypted Password Dumper
/ Peer2Mail Encrypt PassDumper Exploit v1.0 Discoveried & Coded By ATmaCA Copyright ©2002-2005 AtmacaSoft Inc. All Rights Reserved. Web: http://www.atmacasoft.com E-Mail: [email protected] / / Peer2Mail 1.4 and prior versions are affected. Tested for gmail account on Win XP SP2 / include include...