📄 Netman 204 Authentication Bypass / Remote Code Execution

Netman 204 allows for remote command execution without authentication. Exploit Title: Netman 204 - Remote command with out authentication Date: 2/4/2025 Exploit Author: parsa rezaie khiabanloo Vendor Homepage: netman-204 https://www.riello-ups.com/downloads/25-netman-204 Version: netman-204 Teste...

OpenSSH 10.0p1

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and...

OpenSSH 10.0

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and...

Moodle 4.4.x < 4.4.2 Multiples Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is 4.4.x prior to 4.4.2. It is, therefore, affected by multiples vulnerabilities : - Matrix user/power level management not always working as expected with suspended users. - Lack of access control when using...

The vulnerability of the Windows Local Session Manager (LSM) component of the Windows operating system, which allows a hacker to trigger a service failure

The vulnerability of the Windows Local Session Manager LSM component of the Windows operating system is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow a malicious actor to cause service interruptions from a remote location...

Description of the security update for Office 2016: April 8, 2025 (KB5002588)

Description of the security update for Office 2016: April 8, 2025 KB5002588 Summary This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-26642. Note: To apply this...

Description of the security update for Office 2016: April 8, 2025 (KB5002573)

Description of the security update for Office 2016: April 8, 2025 KB5002573 Summary This security update resolves a Microsoft Word security feature bypass vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-29816. Note: To apply this...

Description of the security update for SharePoint Server 2019: April 8, 2025 (KB5002691)

Description of the security update for SharePoint Server 2019: April 8, 2025 KB5002691 Summary This security update resolves a Microsoft SharePoint remote code execution vulnerability, Microsoft Office remote code execution vulnerability, and Microsoft Word remote code execution vulnerability. To...

Description of the security update for Office 2016: April 8, 2025 (KB5002669)

Description of the security update for Office 2016: April 8, 2025 KB5002669 Summary This security update resolves a Microsoft Office elevation of privilege vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-27744. Note: To apply this...

Description of the security update for Excel 2016: April 8, 2025 (KB5002704)

Description of the security update for Excel 2016: April 8, 2025 KB5002704 Summary This security update resolves a Microsoft Excel remote code execution vulnerability and Microsoft Office remote code execution vulnerability. To learn more about the vulnerabilities, see the following security...

Description of the security update for Office 2016: April 8, 2025 (KB5002703)

Description of the security update for Office 2016: April 8, 2025 KB5002703 Summary This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-26642. Note: To apply this...

Description of the security update for Office Online Server: April 8, 2025 (KB5002699)

Description of the security update for Office Online Server: April 8, 2025 KB5002699 Summary This security update resolves a Microsoft Excel remote code execution vulnerability and Microsoft Office remote code execution vulnerability. To learn more about the vulnerabilities, see the following...

End of support for Office 2016 and Office 2019

None None...

Description of the security update for OneNote 2016: April 8, 2025 (KB5002622)

Description of the security update for OneNote 2016: April 8, 2025 KB5002622 Summary This security update resolves a Microsoft OneNote security feature bypass vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-29822. Note: To apply th...

KB5055667: Servicing stack update for Windows Server 2012: April 8, 2025

KB5055667: Servicing stack update for Windows Server 2012: April 8, 2025 End of support information Support for Windows Server 2012 will end in October 2026 Windows Server 2012 reached the end of support EOS on October 10, 2023. Extended Security Updates ESUs are available for purchase and will...

KB5056457: Servicing stack update for Windows Server 2008 SP2: April 8, 2025

KB5056457: Servicing stack update for Windows Server 2008 SP2: April 8, 2025 End of support information Support for Windows Server 2008 has ended Windows Server 2008 Premium Assurance ended on January 13, 2026.Windows Server 2008 Extended Security Updates ESU ended on January 10, 2023...

Steps to TruRisk™ – 2: Measuring the Likelihood of Vulnerability Exploitation

Cybersecurity programs rely on various methods to measure the risk associated with vulnerabilities for prioritization, such as CVSS, EPSS, CISA KEV, or even internally developed systems that combine multiple approaches. While these methods help assess whether a specific vulnerability exists on an...

Exploit for Use After Free in Linux Linux_Kernel

CVE-2024-0582 Exploit PoC This repository provides a Proof-...

CVE-2025-30370

A flaw was found in jupyterlab-git. On many platforms, a third party can create a Git repository under a name that includes a shell command substitution string in the syntax $. These directory names are allowed in macOS and a majority of Linux distributions. If a user starts jupyter-lab in a pare...

QR codes sent in attachments are the new favorite for phishers

Recently we’ve been seeing quite a few phishing campaigns using QR codes in email attachments. The lure and the targets are varied, but the use of a QR code to get someone to visit the phishing site is fast becoming a preferred method for cybercriminals. There are several reasons why cybercrimina...