VulnCheck KEV: CVE-2026-49777

Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4...

altera Quartus Prime Standard Edition Design Software 安全漏洞

The altera Quartus Prime Standard Edition Design Software is an FPGA design and development software suite from the US-based altera Corporation. A security vulnerability exists in altera Quartus Prime Standard Edition Design Software, which stems from vulnerability to DLL implantation attacks...

LeechHijack: Covert Computational Resource Exploitation in Intelligent Agent Systems

Large Language Model LLM-based agents have demonstrated remarkable capabilities in reasoning, planning, and tool usage. The recently proposed Model Context Protocol MCP has emerged as a unifying framework for integrating external tools into agent systems, enabling a thriving open ecosystem of...

TOTOLINK A7000R Certification Bypass Vulnerability

TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A7000R suffers from an authentication bypass vulnerability that stems from formLoginAuth.htm not properly validating a login request, which can be exploited by an attacker to bypass authentication, tamper wi...

The vulnerability of the JTAG microprogramming software components in Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows intruders to implant or modify the firmware.

The vulnerability of the JTAG microprogramming software components in Ethernet modules WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to access control deficiencies. Exploiting this vulnerability can allow attackers to implant or modify the firmware...

CVE-2019-6695

Lack of root file system integrity checking in Fortinet FortiManager VM application images of 6.2.0, 6.0.6 and below may allow an attacker to implant third-party programs by recreating the image through specific methods...

Exploit for Unprotected Alternate Channel in Rockwellautomation Allen-Bradley_Stratix_5200_Firmware

CVE-2023-20198 Exploit PoC for CVE-2023-20198 Description...

CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

The Cybersecurity and Infrastructure Security Agency CISA has released an update to a previously published Cybersecurity Advisory CSA, Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. The CSA—originally released to warn network defenders of critical infrastructure organizations...

Delta Electronics DIAEnergie 安全漏洞

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.An authorization...

Dell SupportAssist Client code issue vulnerability

Dell SupportAssist Client is a client application from Dell DELL, USA. The program provides automated, proactive and predictive techniques for troubleshooting, etc. Dell SupportAssist Client has a code issue vulnerability that can be exploited by attackers to load arbitrary .dll files using .dll...

DLL Hijacking Vulnerability in 115chrome.exe Module in 115 Computer Edition by Guangdong One One Five Technology Co.

115 PC version is a collection of 115, 115 organization, browser PC client, and 115 service perfect integration. Ltd. 115 computer version of the dll hijacking vulnerability, the attacker can be exploited to cause the user's computer to be remote control or implanted Trojan horse...

Ueeshop comment section has XSS vulnerability

Ueeshop provides e-commerce website building cross-border independent station building platform. Ueeshop comment area there is an XSS vulnerability, attackers can use the vulnerability to implant malicious js code, such as stealing cookies hanging horse and other operations...

A Bug in Facebook Messenger for Windows Could've Helped Malware Gain Persistence

Cybersecurity researchers at Reason Labs, the threat research arm of security solutions provider Reason Labs, today disclosed details of a vulnerability they recently discovered in the Facebook Messenger application for Windows. The vulnerability, which resides in Messenger version 460.16, could...

Joomla! 3.4.6 - Remote Code Execution

Exploit Title: Joomla! 3.4.6 - Remote Code Execution Google Dork: N/A Date: 2019-10-02 Exploit Author: Alessandro Groppo Vendor Homepage: https//www.joomla.it/ Software Link: https://downloads.joomla.org/it/cms/joomla3/3-4-6 Version: 3.0.0 -- 3.4.6 Tested on: Linux CVE : N/A Technical details:...

CVE-2019-6695

Lack of root file system integrity checking in Fortinet FortiManager VM application images of 6.2.0, 6.0.6 and below may allow an attacker to implant third-party programs by recreating the image through specific methods...

IoT-Home-Guard - A Tool For Malicious Behavior Detection In IoT Devices

IoT-Home-Guard is a project to help people discover malware in smart home devices. For users the project can help to detect compromised smart home devices. For security researchers it is also useful in network analysis and malicious hehaviors detection. In July 2018 we had completed the first...

Intel the reproduction of new vulnerabilities or be subjected to hackers implant attack script-vulnerability warning-the black bar safety net

5 on 22, reported,yesterday, Intel and Microsoft announced a Spectre and Meltdown security vulnerability, the new variant-the“variant 4”. The new variant is the use of“Speculative Store Bypass”, the defect enables the Processor chip to a potential unsafe area to disclose sensitive information...

NSA Reportedly Intercepts US-made Internet Routers to Install Spyware

The US Intelligence Agency, NSA has been reportedly intercepting and accessing routers, servers, and other computer networking hardware to plant data gathering “backdoors” and other spywares before they are exported and delivered to the international customers, reported by the Guardian. Yesterday...

Cherry enterprise website management system v1. 0 Upload vulnerability-vulnerability warning-the black bar safety net

Cherry enterprise website management system full DIV+CSS template, multi-browser adapt perfectly compatible with IE6-IE8,Firefox, Google, etc. standards-compliant browser, the template styles centralized in a CSS style, content and style completely separated convenient website designers to develo...

. htaccess Backdoor-vulnerability warning-the black bar safety net

Author: GaRYwofeiwoatgmaildotcom The PHP manual,often see often new: PHP has a characteristic,will be based on apache httpd. conf. htaccess to override their php. ini settings. Just,find two of the evil attributes: ------------------------------ autoprependfile...