591 matches found
CVE-2025-8066
CVE-2025-8066 is a reported open redirect vulnerability in Bunkerity Bunker Web (Linux) affecting version 1.6.2. The issue is described as a URL redirection to an untrusted site, enabling phishing attempts. The available connected sources consistently identify the vulnerable component as the Bun...
CVE-2025-8066 Bunker Web 1.6.2 - Uncontrolled external site redirect
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Bunkerity Bunker Web on Linux allows Phishing. This issue affects Bunker Web: 1.6.2...
PT-2025-33496
Name of the Vulnerable Software and Affected Versions: Bunkerity Bunker Web version 1.6.2 Description: A URL Redirection to Untrusted Site 'Open Redirect' vulnerability exists in Bunkerity Bunker Web on Linux, which can be leveraged for phishing attacks. Recommendations: At the moment, there is n...
Linux Distros Unpatched Vulnerability : CVE-2024-20978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and...
Linux Distros Unpatched Vulnerability : CVE-2019-11735
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory...
Linux Distros Unpatched Vulnerability : CVE-2024-53872
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed EL...
Linux Distros Unpatched Vulnerability : CVE-2021-2298
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily...
Linux Distros Unpatched Vulnerability : CVE-2014-5022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors...
IBM Db2 for Linux Security Vulnerability
IBM Db2 is a relational database management system from IBM that supports a variety of operating systems, including Linux. A denial of service vulnerability exists in IBM Db2 for Linux versions 12.1.0, 12.1.1, and 12.1.2, which originates from executable segments waiting for each other to release...
Cisco ISE ERS InternalUser command injection
Added: 07/17/2025. Background: Cisco Identity Services Engine (ISE) is a centralized user access control which provides network access policy for end users whether they connect through a wired or wireless network or by VPN. Problem: A vulnerability in the Cisco ISE ERS API could allow remote,...
HTTPS Fetch
Fetch and execute an x64 payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/x64/sethostname msf payloadsethostname show actions ...actions... msf payloadsethostname set ACTION msf payloadsethostname show options ...show and set options... msf payloadsethostname run This...
Google Chrome Security Update (stable-channel-update-for-desktop_17-2025-06) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Roundcube 1.6.10 - Remote Code Execution (RCE)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Roundcube ≤ 1.6.10 Post-Auth RCE via PHP Object Deserialization', 'Description' = %q Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allo...
CVE-2023-28796
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6...
Enable PAM Authentication
Pluggable Authentication Modules (PAM) on the Linux platform provides a series of open source shared library files (.so files). You can flexibly control the authentication process by configuring parameters. After PAM authentication is configured for SSH, the user authentication management module of t...
CommScope Ruckus IoT Controller 1.7.1.0 Backdoor Account
CommScope Ruckus IoT Controller version 1.7.1.0 has an undocumented backdoor account. Exploit Title: CommScope Ruckus IoT Controller 1.7.1.0 - Undocumented Account Date: 2021.05.26 Exploit Author: korelogic Vendor Homepage:...
SUSE CVE-2025-31344
Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2...
Appsmith Remote Code Execution
An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...
A vulnerability in the do_fp_load() function in the arch/powerpc/lib/sstep.c module, which is part of the PowerPC platform support for the Linux operating system, allows an attacker to cause a denial of service.
The vulnerability in the do_fp_load() function in the arch/powerpc/lib/sstep.c module of the PowerPC platform support for Linux operating systems is related to the allocation of resources without limits or throttling. Exploiting this vulnerability could allow an attacker to cause a servic...
TinyWebServer Security Vulnerability
TinyWebServer is a lightweight C++ web server for Linux by individual developer qinguoyi. A security vulnerability exists in TinyWebServer 1.0 and earlier versions, which stems from incorrect handling of the name/password parameter that can cause a stack buffer overflow...