1294 matches found
CVE-2011-10017
Snort Report versions 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no...
CVE-2011-10017 Snort Report nmap.php/nbtscan.php RCE
Snort Report versions 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no...
Linux Distros Unpatched Vulnerability : CVE-2021-47435
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm: fix mempool NULL pointer race when completing IO dmiodecpending calls endioacct first and will then dec md in-flight pending count. But if a task is swappin...
Linux Distros Unpatched Vulnerability : CVE-2021-46938
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dm rq: fix double free of blkmqtagset in dev remove after table load fails When loading a...
Linux Distros Unpatched Vulnerability : CVE-2022-50085
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm raid: fix address sanitizer warning in raidresume There is a KASAN warning in raidresume when running the lvm test lvconvert-raid.sh. The reason for the...
Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation
Cybersecurity researchers have presented new findings related to a now-patched security issue in Microsoft's Windows Remote Procedure Call RPC communication protocol that could be abused by an attacker to conduct spoofing attacks and impersonate a known server. The vulnerability, tracked as...
Linux Distros Unpatched Vulnerability : CVE-2025-38066
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm cache: prevent BUGON by blocking retries on failed device resumes A cache device failing to resume due to mapping errors should not be retried, as the failur...
Linux Distros Unpatched Vulnerability : CVE-2022-49771
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm ioctl: fix misbehavior if listversions races with module loading listversions will first estimate the required space using the...
Linux Distros Unpatched Vulnerability : CVE-2024-23851
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - copyparams in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INTMAX bytes, and crash, because of a missing...
Dracnmap
Dracnmap is an open-source program designed to exploit networks and gather information using the help of Nmap. It is intended to simplify the process of network scanning by utilizing the script engine of Nmap and performing various automatic scanning techniques with advanced commands. Dracnmap is...
CVE-2025-7888
A vulnerability was found in TDuckCloud tduck-platform 5.1 and classified as critical. This issue affects the function UserFormDataMapper of the file src/main/java/com/tduck/cloud/form/mapper/UserFormDataMapper.java. The manipulation of the argument formKey leads to sql injection. The attack may ...
webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution
A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the...
webkitgtk: heap-buffer-overflow in WebCore::TextureMapperLayer::setContentsLayer
REJECTED CVE In WebKitGTK through 2.36.0 and WPE WebKit, there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...
Exploit for Improper Access Control in Elasticsearch
欢迎各位大佬提BUG,当前版本 AssetScanV1.3 周期 初版:2019年11月28日 V1.0初版编写完成 修改1:2019年12月02日 感谢Shadow·J反馈kali下文件导入异常 修改2:2019年12月03日 V1.1发布,新增ARP存活检测(回滚,测bug) 修改3:2019年12月04日 V1.2发布,修复漏洞脚本异常,修复weblogic脚本 修改4:2019年12月05日 V1.2修改,感谢sevck提供设计思路以及代码不规范问题 修改5:2019年12月05日 V1.2修改,修复IP数据处理异常 修改6:2019年12月19日...
SUSE CVE-2025-38141
In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...
DEBIAN-CVE-2025-38141
In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...
UBUNTU-CVE-2025-38141
In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...
CVE-2025-38141 dm: fix dm_blk_report_zones
In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from dm not handling partition table swapping correctly, which could lead to memory corruption...
SUSE CVE-2025-38063
In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQPREFLUSH When a bio with REQPREFLUSH is submitted to dm, sendemptyflush generates a flushbio with REQOPWRITE | REQPREFLUSH | REQSYNC, which causes the flushbio to be throttled by...