TencentOS Server 4: kernel (TSSA-2025:0429)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0429 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990494)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990494 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fclportptpsetup fclportptpsetup did not...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989807)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989807 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fclportptpsetup fclportptpsetup did not...

CLSA-2024-1716981167 Fix of 17 CVEs

CVE-url: https://ubuntu.com/security/CVE-2022-48673 - net/smc: Fix possible access to freed memory in link clear CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2CHIDREADPENDING flag to prevent lock-up CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client:...

UBUNTU-CVE-2023-52809

In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fclportptpsetup fclportptpsetup did not check the return value of fcrportcreate which can return NULL and would cause a NULL pointer dereference. Address this issue by checki...

KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow

Exploit Title: KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow Exploit Author: DEFCESCO Austin A. DeFrancesco Vendor Homepage: https://github.com/cyd01/KiTTY/= Software Link: https://github.com/cyd01/KiTTY/releases/download/v0.76.1.13/kitty-bin-0.76.1.13.zip Version: ≤...

Exploit for CVE-2023-38646

CVE-2023-38646 A python RCE exploit for CVE-2023-38646 Us...

Symmetricom SyncServer Unauthenticated Remote Command Execution Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in /controller/ping.php in Symmetricom SyncServer. The S100 through S350 End of Life models should be vulnerable to unauthenticated exploitation due to a session handling vulnerability. This module requires...

Windows shellcode stage, Reverse TCP Stager (IPv6)

Custom shellcode stage. Connect back to the attacker over IPv6 Module Options msf use payload/windows/custom/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options ...show and set options... msf...

Windows shellcode stage, Reverse Ordinal TCP Stager (No NX or Win7)

Custom shellcode stage. Connect back to the attacker Module Options msf use payload/windows/custom/reverseordtcp msf payloadreverseordtcp show actions ...actions... msf payloadreverseordtcp set ACTION msf payloadreverseordtcp show options ...show and set options... msf payloadreverseordtcp run Th...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 -u URL, --url URL 目标url -c COMM...

iRZ Mobile Router - CSRF to Remote Code Execution Exploit

Exploit Title: iRZ Mobile Router - CSRF to RCE Google Dork: intitle:"iRZ Mobile Router" Exploit Author: Stephen Chavez & Robert Willis Vendor Homepage: https://en.irz.ru/ Software Link: https://github.com/SakuraSamuraii/ez-iRZ Version: Routers through 2022-03-16 Tested on: RU21, RU21w, RL21, RU41...

Clinic Management System 1.0 Code Execution / SQL Injection

Exploit Title: Clinic Management System 1.0 - SQL injection to Remote Code Execution Date:21/10/2021 Exploit Author: Pablo Santiago Vendor Homepage: https://www.sourcecodester.com/php/14243/open-source-clinic-management-system-php-full-source-code.html Software Link:...

Cacti 1.2.12 - (filter) SQL Injection / Remote Code Execution Exploit

Exploit Title: Cacti 1.2.12 - 'filter' SQL Injection / Remote Code Execution Exploit Author: Leonardo Paiva Vendor Homepage: https://www.cacti.net/ Software Link: https://www.cacti.net/downloads/cacti-1.2.12.tar.gz Version: 1.2.12 Tested on: Ubuntu 20.04 CVE : CVE-2020-14295 Credits: @M4yFly...

Exploit for Server-Side Request Forgery in Microsoft

ProxyLogon-CVE-2021-26855-metasploit CVE-2021-26855 proxyLogon...

Golden FTP Server 4.70 - 'PASS' Buffer Overflow (2)

Golden FTP Server 4.70 - 'PASS' Buffer Overflow 2 Author: 1F98D Original Authors: Craig Freyman cd1zz and Gerardo Iglesias Galvan iglesiasgg Tested on Windows 10 x64 A buffer overflow exists in GoldenFTP during the authentication process. Note that the source ip address of the user performing the...

10-Strike Network Inventory Explorer 8.65 - Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Inventory Explorer 8.65 - Buffer Overflow SEH Date: 2020-09-02 Exploit Author: Sectechs Vendor Homepage: https://www.10-strike.com Version: 8.65 Tested on: Windows 7 x86 SP1 import os import sys import struct import socket crash ="A" 209 jmp short 8...

docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)

Exploit Title: docPrint Pro 8.0 - 'Add URL' Buffer Overflow SEH Egghunter Date: 2020-07-26 Exploit Author: MasterVlad Vendor Homepage: http://www.verypdf.com Software Link: http://dl.verypdf.net/docprintprosetup.exe Version: 8.0 Vulnerability Type: Local Buffer Overflow Tested on: Windows 7 32-bi...

CloudMe 1.11.2 SEH Buffer Overflow Exploit

import socket import sys target = "127.0.0.1" Written by : lutzenfried Clement Cruchet Exploiting CloudMe 1.11.2 Publisher : CloudMe AB Windows x64 10.0.18362 Build 18362 Buffer Overflow using SEH overwritten technic POP POP RET Exploit for CVE-2018-6892 Technical information used for exploit...

OpenEMR 5.0.1 Remote Code Execution

!/usr/bin/env ruby Title: OpenEMR --shell --user --password --debug FILE semi-auto --root-url --user --password --payload --lhost --lport --debug FILE auto --root-url --user --password --lhost --lport --debug FILE -H | --help Options: -r , --root-url Root URL base path including HTTP scheme, port...