EUVD-2012-6574

Malware in sbrugna...

CVE-2012-10033

Narcissus is vulnerable to remote code execution via improper input handling in its image configuration workflow. Specifically, the backend.php script fails to sanitize the release parameter before passing it to the configureimage function. This function invokes PHP’s passthru with the unsanitize...

CVE-2012-10033

Narcissus is vulnerable to remote code execution via improper input handling in its image configuration workflow. Specifically, the backend.php script fails to sanitize the release parameter before passing it to the configureimage function. This function invokes PHP’s passthru with the unsanitize...

CVE-2012-10033

Narcissus (backend.php) Image Configuration Command Injection is CVE-2012-10033. The flaw: release parameter is not sanitized before passing to configure_image(), which invokes PHP passthru() with the unsanitized input. This enables remote code execution via a crafted POST request under the web s...

CVE-2025-20045

When SIP session Application Level Gateway mode ALG profile with Passthru Mode enabled and SIP router ALG profile are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached...

CVE-2025-20045

When SIP session Application Level Gateway mode ALG profile with Passthru Mode enabled and SIP router ALG profile are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached...

CVE-2025-20045 BIG-IP SIP MRF Vulnerability

When SIP session Application Level Gateway mode ALG profile with Passthru Mode enabled and SIP router ALG profile are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached...

CVE-2025-20045

CVE-2025-20045 affects F5 BIG-IP SIP ALG profile vulnerability where a SIP ALG Passthru Mode plus SIP router ALG on a Message Routing virtual server can cause Traffic Management Microkernel (TMM) termination, leading to DoS. The issue is documented across multiple sources (NVD, Red Hat, CVE listi...

K000138932: BIG-IP SIP ALG profile vulnerability CVE-2025-20045

Security Advisory Description When the Session Initiation Protocol SIP application layer gateway ALG profile with Passthru Mode enabled and the SIP router ALG profile are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to...

PT-2025-5728 · F5 · Traffic Management Microkernel +1

Name of the Vulnerable Software and Affected Versions: No specific software name is mentioned, but based on the context, it appears to be related to a product from a company like F5, given the mention of terms like "Traffic Management Microkernel TMM" and "Application Level Gateway mode ALG"...

F5 Networks BIG-IP : BIG-IP SIP ALG profile vulnerability (K000138932)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.5 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000138932 advisory. When the Session Initiation Protocol SIP application layer gateway ALG profi...

AEGON LIFE 1.0 Remote Code Execution

Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...

SUSE CVE-2022-40768

drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...

drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.

...

DEBIAN-CVE-2022-40768

drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...

Pet Shop Management System 1.0 - Remote Code Execution (Unauthenticated) Exploit

Title: Pet Shop Management System 1.0 - Remote Code Execution RCE Unauthenticated Author: Mr.Gedik Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14962/petshop-management-system-using-phppdo-oop-full-source-code-complete.html Version: 1.0...

IPTInstaller 4.0.9 - (PassThru Service) Unquoted Service Path Vulnerability

Exploit Title: IPTInstaller 4.0.9 - 'PassThru Service' Unquoted Service Path Exploit Author : SamAlucard Vendor : HTC Version : IPTInstaller 4.0.9 Vendor Homepage : https://www.htc.com/latam/ Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\Users\DSAZ230sc qc "PassThru Service" SC...

IPTInstaller 4.0.9 Unquoted Service Path

Exploit Title: IPTInstaller 4.0.9 - 'PassThru Service' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : HTC Version : IPTInstaller 4.0.9 Vendor Homepage : https://www.htc.com/latam/ Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\Users\DSAZ230sc qc...

IPTInstaller 4.0.9 - 'PassThru Service' Unquoted Service Path

Exploit Title: IPTInstaller 4.0.9 - 'PassThru Service' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : HTC Version : IPTInstaller 4.0.9 Vendor Homepage : https://www.htc.com/latam/ Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\Users\DSAZ230sc qc...

CVE-2019-16722

ZZZCMS zzzphp v1.7.2 has an insufficient protection mechanism against PHP Code Execution, because passthru bypasses an strireplace operation...