
176 matches found

Cvelist
added 2025/09/22 12:0 a.m., 11 views

CVE-2025-57602

Insufficient hardening of the proxyuser account in the AiKaan IoT management platform, combined with the use of a shared, hardcoded SSH private key, allows remote attackers to authenticate to the cloud controller, gain interactive shell access, and pivot into other connected IoT devices. This can...

EPSS: 0.00483
Exploits: 0, References: 1
Gitee
added 2025/09/14 5:14 p.m., 128 views

fimap

fimap is a Python tool designed to find, prepare, audit, exploit, and even automatically Google for local and remote file inclusion (LFI/RFI) bugs in web applications. It can identify and exploit file inclusion bugs, including include, include_once, require, and require_once functions. The tool has a...

AI score: 7.1
Exploits: 0
GithubExploit
added 2025/09/07 10:52 p.m., 162 views

Exploit for Improper Handling of Parameters in Fortinet Fortiweb

CVE-2025-52970 FortiWeb Authentication Bypass to Remote Code E...

CVSS: 8.1, AI score: 8.1, EPSS: 0.1067
Exploits: 4
GithubExploit
added 2025/09/04 12:47 p.m., 131 views

RCE-Foryou

RCE-Foryou Python tool for safely testing and exploiting RCE v...

AI score: 8.1
Exploits: 0
Microsoft CVE
added 2025/07/29 7:0 a.m., 3 views

Libxml2: stack buffer overflow in xmllint interactive shell command handling

...

CVSS: 2.5, AI score: 7, EPSS: 0.0019
Exploits: 0
Gitee
added 2025/07/27 4:32 a.m., 242 views

redis-rce

Redis RCE An exploit for Redis 4.x/5.x RCE, inspired by Redis post-exploitation. This repo is a modified version of . Usage: Compile exp.so from . usage: redis-rce.py -h -r RHOST -p RPORT -L LHOST -P LPORT -f FILE -a AUTH -v Redis 4.x/5.x RCE with RedisModules optional arguments: -h, --help show...

AI score: 7
Exploits: 0
OSV
added 2025/07/25 1:17 p.m., 3 views

OESA-2025-1901 libxml2 security update

This library allows manipulating XML files. It includes support to read, modify and write XML and HTML files. DTDs are supported, including parsing and validation even with complex DTDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

CVSS: 2.5, AI score: 6.8, EPSS: 0.0019
Exploits: 0, References: 2
GithubExploit
added 2025/07/16 11:21 a.m., 250 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 Sudo EoP Exploit PoC Rust Using Prebuild...

CVSS: 9.3, AI score: 9.8, EPSS: 0.48008
Exploits: 69
Exploit DB
added 2025/07/16 12:0 a.m., 364 views

Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege

Titles: Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege Author: nu11secur1ty Date: 07/09/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/windows/windows-11?r=1 Reference: https://portswigger.net/web-security/access-control CVE-2025-49677 Descripti...

CVSS: 7, AI score: 7.4, EPSS: 0.0095
Exploits: 1
GithubExploit
added 2025/06/23 1:23 a.m., 273 views

Exploit for Code Injection in Langflow

Langflow RCE Exploit CVE-2025-3248 ...

CVSS: 9.8, AI score: 10, EPSS: 0.99959
Exploits: 33
SUSE CVE
added 2025/06/17 11:44 p.m., 2 views

SUSE CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

CVSS: 4.5, AI score: 6.7, EPSS: 0.0019
Exploits: 0, References: 10
OSV
added 2025/06/16 4:15 p.m., 1 views

DEBIAN-CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

CVSS: 2.5, AI score: 5.4, EPSS: 0.0019
Exploits: 0, References: 1
OSV
added 2025/06/16 4:15 p.m., 5 views

AZL-64470 CVE-2025-6170 affecting package libxml2 for versions less than 2.10.4-8

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

CVSS: 2.5, AI score: 7.2, EPSS: 0.0019
Exploits: 0, References: 1
OSV
added 2025/06/16 4:15 p.m., 1 views

ALPINE-CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

CVSS: 2.5, AI score: 6.7, EPSS: 0.0019
Exploits: 0, References: 1
OSV
added 2025/06/16 4:15 p.m., 5 views

AZL-64482 CVE-2025-6170 affecting package libxml2 for versions less than 2.11.5-6

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

CVSS: 2.5, AI score: 7.4, EPSS: 0.0019
Exploits: 0, References: 1
OSV
added 2025/06/16 4:15 p.m., 0 views

UBUNTU-CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

CVSS: 2.5, AI score: 5.8, EPSS: 0.0019
Exploits: 0, References: 6
Vulnrichment
added 2025/06/16 3:24 p.m., 5 views

CVE-2025-6170 Libxml2: stack buffer overflow in xmllint interactive shell command handling

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

CVSS: 2.5, AI score: 7.2, EPSS: 0.0019
Exploits: 0, References: 4
ATTACKERKB
added 2025/06/16 3:24 p.m., 1 views

CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

CVSS: 2.5, AI score: 5.8, EPSS: 0.0019
Exploits: 0, References: 5
AlpineLinux
added 2025/06/16 3:24 p.m., 3 views

CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...

CVSS: 2.5, AI score: 6.7, EPSS: 0.0019
Exploits: 0
Snyk
added 2025/06/16 12:0 a.m., 1 views

Stack-based Buffer Overflow

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Stack-based Buffer Overflow due to unsafe use of strcpy in the xmllint interactive shell command tool. An attacker can cause a crash by providing an overly long argument to any...

CVSS: 4.5, AI score: 7.1, EPSS: 0.0019
Exploits: 0, References: 2