Tenda M3 /goform/setVlanInfo File Stack Buffer Overflow Vulnerability

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the incorrect operation of the parameters ID, vlan and port in...

EUVD-2025-15631

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-49865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network When copying a struct ifaddrlblmsg to the network, ifalreserved remained uninitialized...

CVE-2025-48219

O2 UK before 2025-05-19 allows subscribers to determine the Cell ID of other subscribers by initiating an IMS IP Multimedia Subsystem call and then reading the utran-cell-id-3gpp field of a Cellular-Network-Info SIP header, aka an ECI E-UTRAN Cell Identity leak. The Cell ID might be usable to...

CVE-2025-48219

O2 UK before 2025-05-19 allows subscribers to determine the Cell ID of other subscribers by initiating an IMS IP Multimedia Subsystem call and then reading the utran-cell-id-3gpp field of a Cellular-Network-Info SIP header, aka an ECI E-UTRAN Cell Identity leak. The Cell ID might be usable to...

CVE-2025-48219

O2 UK prior to 2025-05-19 exposes a vulnerability where an IMS call lets a subscriber read the utran-cell-id-3gpp (ECI) from the Cellular-Network-Info SIP header, potentially enabling crowdsourced cell-location inference. The issue concerns O2 UK VoLTE/IMS behavior and references ETSI TS 124 229 ...

CVE-2025-48219

O2 UK before 2025-05-19 allows subscribers to determine the Cell ID of other subscribers by initiating an IMS IP Multimedia Subsystem call and then reading the utran-cell-id-3gpp field of a Cellular-Network-Info SIP header, aka an ECI E-UTRAN Cell Identity leak. The Cell ID might be usable to...

PT-2024-29580 · Txtdot · Txtdot

Name of the Vulnerable Software and Affected Versions: txtdot versions 1.4.0 through 1.6.0 Description: A Server-Side Request Forgery SSRF issue exists in the /proxy route, allowing remote attackers to send HTTP GET requests to arbitrary targets and retrieve internal network information...

Malicious Package

pygrata-utils is a malicious package. The library attempts to harvest and upload the AWS credentials, network interface information and environment variables to a remote endpoint: "hxxp://graph.pygrata.com:8000/upload."...

CVE-2022-27082

Tenda M3 1.10 V1.0.0.124856 was discovered to contain a command injection vulnerability via the component /goform/SetInternetLanInfo...

LinuxCatScale - Incident Response Collection And Processing Scripts With Automated Reporting Scripts

Linux CatScale is a bash script that uses live of the land tools to collect extensive data from Linux based hosts. The data aims to help DFIR professionals triage and scope incidents. An Elk Stack instance also is configured to consume the output and assist the analysis process. Usage This script...

Microsoft shares details of malware attack on aerospace, travel sector

By Habiba Rashid The malware allows attackers to steal credentials, take screenshots, webcam data, browser, clipboard data, system, and network info. This is a post from HackRead.com Read the original post: Microsoft shares details of malware attack on aerospace, travel sector...

uptime-agent-info NSE Script

Gets system information from an Idera Uptime Infrastructure Monitor agent. Example Usage nmap --script uptime-agent-info -p 9998 Script Output 9998/tcp open uptime-agent syn-ack | uptime-agent-info: SYSNAME=system123 | DOMAIN=none | ARCH="Linux system123 3.12.51-60.20-default 1 SMP Fri Dec 11...

0xsp-Mongoose - Privilege Escalation Enumeration Toolkit (ELF 64/32), Fast, Intelligent Enumeration With Web API Integration

Using 0xsp mongoose you will be able to scan a targeted operating system for any possible way for privilege escalation attacks, starting from collecting information stage until reporting information through 0xsp Web Application API. user will be able to scan different Linux os system at the same...

PE Linux - Linux Privilege Escalation Tool

New Linux Privilege Escalation Tool. Getting Started System Information Gatherer Kernel Information Gatherer Checking Development environments on the system Escaping Restricted Shells Extract PATH & environment Information Check Kernel if Vulnerable To Dirty cow Exploit Password Collector Log...

Lutron Quantum 3.2.243 Information Disclosure

Exploit Title: Login bypass and data leak - Lutron Quantum 2.0 - 3.2.243 firmware Date: 20-03-2018 Exploit Author: David Castro Contact: https://twitter.com/SadFud75 Vendor Homepage: http://www.lutron.com Software Link:...

Lutron Quantum 2.0 - 3.2.243 - Information Disclosure Exploit

Exploit for hardware platform in category web applications ''' Exploit Title: Login bypass and data leak - Lutron Quantum 2.0 - 3.2.243 firmware Date: 20-03-2018 Exploit Author: David Castro Contact: https://twitter.com/SadFud75 Vendor Homepage: http://www.lutron.com Software Link:...