507 matches found
react2shell-poc
日本語 !CAUTION For Authorized Security Re...
Windows-pentest-lab
Windows-pentest-lab Penetration testing and vulnerability asse...
PT-2026-40539
Name of the Vulnerable Software and Affected Versions protobufjs versions prior to 7.5.6 protobufjs versions prior to 8.0.2 Description JavaScript generated for toObject conversion may include an unsafe expression derived from a schema-controlled bytes field default value. A crafted descriptor...
GHSA-M5J2-R859-R5CV Duplicate Advisory: OpenClaw: Isolated cron awareness events were recorded as trusted system events
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-57r2-h2wj-g887. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.20 fails to properly preserve untrusted labels for isolated cron awareness events, allowing...
Duplicate Advisory: OpenClaw: Isolated cron awareness events were recorded as trusted system events
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-57r2-h2wj-g887. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.20 fails to properly preserve untrusted labels for isolated cron awareness events, allowing...
ethical-hacking-lab-reports
Ethical Hacking & Information Security Lab Reports !Security...
ethical-hacking-lab-reports
Ethical Hacking & Information Security Lab Reports !Security...
linux-malware-toolbox
Linux Malware Samples - Educational Repository ⚠️ IMPORTAN...
cve-deep-dive
Report Bug · Request Feature Table of Contents a...
homelab-security
Cybersecurity Home Lab A personal home lab built for hands-on...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the --persist-lint-results process. An attacker can overwrite arbitrary JSON files on the filesystem by supplying a crafted APK with manipulated .PKGINFO fields containing path traversal sequences. This is only...
CLSA-2026-1776441540 expat: Fix of 4 CVEs
CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent On^2 parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...
sqli-research
🔬 sqli-research Time-Based Blind SQL Injection — Riset, Po...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
CVE-2021-44228 — Log4Shell PoC Lab DISCLAIMER Este...
Exploit for CVE-2017-0144
Lab Guide: Exploatering av CVE-2017-0144 EternalBlue Denna...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS when processing crafted extglob patterns. An attacker can cause excessive CPU consumption and block the event loop by supplying crafted extglob patterns that trigger catastrophic backtracking i...
Veeam Operations Fail When the Backup Server Has Limited Internet Access
Article Applicability This article addresses an issue that may occur when using a Windows-based deployment of Veeam Backup & Replication v13, where the Veeam Backup Server or other Windows-based component servers are isolated from the internet or subject to significant firewall restrictions...
Running OpenClaw safely: identity, isolation, and runtime risk
Self-hosted agent runtimes like OpenClaw are showing up fast in enterprise pilots, and they introduce a blunt reality: OpenClaw includes limited built-in security controls. The runtime can ingest untrusted text, download and execute skills i.e. code from external sources, and perform actions usin...
Running OpenClaw safely: identity, isolation, and runtime risk
Self-hosted agent runtimes like OpenClaw are showing up fast in enterprise pilots, and they introduce a blunt reality: OpenClaw includes limited built-in security controls. The runtime can ingest untrusted text, download and execute skills i.e. code from external sources, and perform actions usin...
ZLAN Information Technology Co. ZLAN5143D
RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker bypassing authentication, or resetting the device password. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...