546 matches found
Exploit for CVE-2026-8206
CVE-2026-8206 - Kirki WordPress Plugin Mass Exploit !Python...
CVE-2026-47270 pam_usb: strtok() race condition in multi-threaded PAM hosts can corrupt deny_remote result
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pamusb is a PAM module loaded into the host process sudo, login, GDM, GNOME Shell. Display managers such as GDM run multiple concurrent authentication threads. Three functions used by the denyremote...
[SECURITY] Fedora 42 Update: mysql8.4-8.4.9-1.fc42
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
CVE-2026-44608
Summary: NLnet Labs Unbound versions 1.14.0–1.25.0 contain a locking inconsistency in RPZ handling that can cause a heap use-after-free and crash under specific multi-threaded conditions when an RPZ XFR reload occurs and an RPZ zone is loaded with rpz-nsip or rpz-nsdname triggers. An attacker wou...
Linux Distros Unpatched Vulnerability : CVE-2026-44608
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a locking inconsistency vulnerability that when certain conditions are met multi-threaded, RPZ...
Exploit for Missing Authentication for Critical Function in Cpanel
cPanel-CVE-2026-41940-Scanner !Licensehttps://img.shields...
K000160935: Curl vulnerability CVE-2025-14017
Security Advisory Description When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific...
GHSA-MP82-FMJ6-F22V pyLoad has a Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition)
Summary The setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted proxy, then mutates the global Flask configuration SESSIONCOOKIESECURE on every request...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell CVE-2025-55182 POC High Fidelity Detection & Expl...
📄 Langflow 1.8.1 Remote Code Execution
This Python script is a multi-threaded tool targeting a suspected vulnerability in Langflow versions 1.8.1 and below that allows unauthenticated remote code execution through unsafe execution of CustomComponent code during flow compilation...
Suricata IDPE 8.0.4
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...
Exploit for CVE-2026-27944
Nginx UI Discovery Scanner - CVE-2026-27944 Version Detector ht...
Clam AntiVirus Toolkit 1.5.2
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs ar...
CVE-2026-25674
An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's...
Exploit for Cross-site Scripting in Bdtask Multi_Store_Inventory_Management_System
CVE-2024-2997 Scanner !Versionhttps://img.shields.io/badge...
📄 GnuTLS X.509 Name Constraints Denial of Service
This program is a multi-threaded test application created to analyze the impact of excessive X.509 Name Constraints processing in vulnerable versions of GnuTLS CVE-2025-14831. It generates a configurable certificate chain and attaches a very large number of Name Constraints and Subject Alternativ...
SigInt-Cirtanus 1.0
SigInt-Cirtanus is a Python-based, multi-threaded threat intelligence automation framework designed for defensive cybersecurity operations. It retrieves and processes real-time threat feeds e.g., from URLhaus, validates indicators, and dynamically generates detection artifacts for integration wit...
Exploit for Missing Authorization in Themepunch Slider_Revolution
CVE-2024-34444 - Slider Revolution Missing Authorization Scann...
CVE-2025-67433
A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...
PT-2026-7890
Name of the Vulnerable Software and Affected Versions Open TFTP Server MultiThreaded version 1.7 Description A heap buffer overflow exists in the processRequest function of Open TFTP Server MultiThreaded. This issue can be triggered by sending a crafted DATA packet, potentially leading to a Denia...