CVE-2021-2064

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core Components. The supported version that is affected is 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server...

Linux Distros Unpatched Vulnerability : CVE-2025-30749

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that...

CVE-2024-29207

CVE-2024-29207 describes an improper certificate validation in Ubiquiti UniFi Connect ecosystem. Affected products and versions: UniFi Connect Application <= v3.7.9, UniFi Connect EV Station <= v1.1.18, UniFi Connect EV Station Pro <= v1.1.18, UniFi Connect Display <= v1.9.324, UniFi ...

CVE-2023-32330 IBM Security Verify Access man in the middle

IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: 254977...

Unknown threat groups continues to exploit Log4j in VMware Products

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary An unknown APT group is exploiting the Log4j vulnerability that is affecting VMware Horizon and Unified Access Gateway UAG servers to compromise the system and take over the entire network by deploying malware...

CVE-2022-22570

A buffer overflow vulnerability found in the UniFi Door Access Reader Lite’s UA Lite firmware Version 3.8.28.24 and earlier allows a malicious actor who has gained access to a network to control all connected UA devices. This vulnerability is fixed in Version 3.8.31.13 and later...

Silver Peak SD-WAN Bugs Allow for Network Takeover

Silver Peak’s Unity Orchestrator, a software-defined WAN SD-WAN management platform, suffers from three remote code-execution security bugs that can be chained together to allow network takeover by unauthenticated attackers. SD-WAN is a cloud-based networking approach used by enterprises and...

TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover

The TA505 cybercrime group has ramped up its attacks lately, with a set of campaigns bent on spreading the persistent SDBbot remote-access trojan RAT laterally throughout an entire corporate environment, researchers said. SDBbot RAT is a custom job that has been observed in TA505 attacks since at...

TP-Link Routers Give Cyberattackers an Open Door to Business Networks

A firmware vulnerability in TP-Link Archer C5 v4 routers used in enterprise and home environments could allow unauthorized, remote access to the device with administrative privileges. The bug CVE-2017-7405 affects models that run firmware version 3.16.0 0.9.1 v600c.0 Build 180124 Rel.28919n. Firs...

OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

Weak Password Vulnerability in Byzoro PatrolFlow Multiservice Security Gateway

PatrolFlow is a multi-service security gateway intelligent management platform of Beijing Byzoro Network Technology Co. Byzoro PatrolFlow multi-service security gateway has a weak password vulnerability. An attacker can use the vulnerability to log in to the system and take over the entire networ...

Weak Password Vulnerability in Byzoro Audit Gateway

PatrolFlow-AM series products are high-performance application-delivery Internet behavior management devices launched by Byzoro Networks to meet the needs of Internet access users in terms of information content security, regulation of online behavior, network resource utilization, legal risk...

Weak Password Vulnerability in Haofeng Firewall System

Shenzhen Haofeng Communication Technology Co., Ltd. is a software enterprise recognized by the State Information Industry Department. Weak password vulnerability exists in Haofeng firewall system. Attackers can use the vulnerability to log in the firewall system and take over the whole network...

UBUNTU-CVE-2018-2633

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker...

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

UBUNTU-CVE-2017-10101

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

UBUNTU-CVE-2017-10102

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

Ubiquiti Networks Command Injection Vulnerability

Exploit for hardware platform in category web applications ======================================================================= title: Authenticated Command Injection product: Multiple Ubiquiti Networks products, e.g. TS-16-CARRIER, TS-5-POE, TS-8-PRO, AG-HP-2G16, AG-HP-2G20, AG-HP-5G23,...

OpenJDK: insecure class construction (Hotspot, 8167104)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

[FS-NyarL] A network takeover & forensic analysis tool

NyarL it's Nyarlathotep, a mitological chaotic deity of the writer HP. Lovecraft's cosmogony. It's represent Crawling Chaos and FS-NyarL it's The Crawling Chaos of Cyber Security :- A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit - but use it at...