226 matches found
DrayTek Vigor - Command Injection
DrayTek Gateway devices Vigor2960, Vigor300B, etc. are vulnerable to command injection via the session parameter in the /cgi-bin/mainfunction.cgi/apmcfgupload endpoint. An attacker can inject arbitrary commands and retrieve their output. id: CVE-2024-12987 info: name: DrayTek Vigor - Command...
wannacry-soc-lab
WannaCry SOC Investigation Lab Overview This project simu...
Exploit for CVE-2020-25078
ABYSS C2 — HiSilicon DVR Exploit Framework ⚠️ EDUCATIONAL...
Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data
Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...
CVE-2026-7412
In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...
CVE-2026-7412
In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...
CVE-2026-7412
CVE-2026-7412 affects Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10. The Operation Delegation feature fails to validate the destination URI of delegated requests, enabling an unauthenticated remote attacker to coerce the BaSyx server into performing blind HTTP POSTs to arbitr...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use the correct macoffset to unwind the gsoskb in nshgsosegment. As shown in the call trace, the skbpanic occurred due to an incorrect skb-macheader in nshgsoSegment. Invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3...
PT-2026-39184
Name of the Vulnerable Software and Affected Versions Nginx UI versions prior to 2.3.5 Description An authenticated user can perform Server-Side Request Forgery SSRF by creating a cluster node that points to an arbitrary internal URL and sending API requests with the X-Node-ID header. The Proxy...
PT-2026-34742
Name of the Vulnerable Software and Affected Versions Carlson VASCO-B GNSS Receiver affected versions not specified Description The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism. This allows an attacker with network access to directly access and modify its configuration and...
CVE-2026-22828
A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Successful exploitation would require a large...
CVE-2026-22828
A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Successful exploitation would require a large...
Why Network Segmentation Projects Fail
Network segmentation is a foundational enterprise security control. Despite its recognized benefits, segmentation initiatives frequently fail in practice, and the field lacks a systematic empirical explanation for why these projects do not achieve their intended outcomes. This paper presents an...
Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability
A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service DoS condition. This vulnerability is due to improper handling of BOOTP packets on Cisco...
CVE-2026-23808
A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key GTK on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthoriz...
EUVD-2026-9414
A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key GTK on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthoriz...
CVE-2026-23808
A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key GTK on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthoriz...
CVE-2026-23808 Client Isolation Bypass via GTK Manipulation
A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key GTK on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthoriz...
CVE-2026-23808
A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key GTK on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthoriz...
CVE-2026-23808 Client Isolation Bypass via GTK Manipulation
A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key GTK on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthoriz...