KAVACHx

Intelligent Exploit & Patch Management Platform A full-stack...

CVE-2025-61672

Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeserver...

EUVD-2021-25595

Malware in sbrugna...

EUVD-2021-28285

Malicious code in bioql PyPI...

Exploit for Injection in Cisco Identity_Services_Engine

CVE-2025-20281 — Cisco ISE Critical RCE Vulnerability 🛑...

PT-2025-27463 · Code Projects · Code-Projects Online Hotel Booking

Name of the Vulnerable Software and Affected Versions: code-projects Online Hotel Booking version 1.0 Description: A critical vulnerability has been found in the code-projects Online Hotel Booking software. This issue affects unknown code of the file /admin/registration.php. The manipulation of t...

PT-2025-27351 · Code Projects · Code-Projects Simple Forum

Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue has been found in the processing of the file /forum1.php, allowing unrestricted upload through the manipulation of the File argument. This can be initiated remotely. The...

PT-2025-26537 · Unknown · Code-Projects Simple Online Hotel Reservation System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Online Hotel Reservation System version 1.0 Description: A critical vulnerability was found in the code-projects Simple Online Hotel Reservation System. This issue affects the file /admin/delete pending.php, where the...

PT-2025-25750

Name of the Vulnerable Software and Affected Versions: Sitecore Experience Manager XM, Experience Platform XP, and Experience Commerce XC versions 9.0 through 9.3 and 10.0 through 10.4 Description: A Zip Slip vulnerability affects the software. A remote, authenticated attacker can exploit this...

PT-2025-25581

Name of the Vulnerable Software and Affected Versions @opennextjs/cloudflare versions prior to 1.3.0 create-cloudflare versions prior to 2.49.3 Description A Server-Side Request Forgery SSRF vulnerability was identified in the @opennextjs/cloudflare package. The vulnerability stems from an...

PT-2025-25569 · Unknown · Privileged Remote Access +1

Name of the Vulnerable Software and Affected Versions: BeyondTrust Remote Support versions affected versions not specified BeyondTrust Privileged Remote Access versions affected versions not specified Description: The chat feature within Remote Support and Privileged Remote Access is vulnerable t...

TencentOS Server 4: opencv (TSSA-2024:0353)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0353 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

PT-2025-24964 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing a low-privileged attacker to inject malicious scripts into vulnerable form fields. When a victim browses ...

PT-2025-25133 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing a low-privileged attacker to inject malicious scripts into vulnerable form fields. When a victim browses ...

PT-2025-23072 · Unknown · Likes/Dislikes Plugin

Name of the Vulnerable Software and Affected Versions: Likes and Dislikes Plugin versions up to, and including, 1.0.0 Description: The issue is related to SQL Injection via the post parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the...

PT-2025-30357

Name of the Vulnerable Software and Affected Versions iputils versions prior to patch availability. openSUSE Leap 15.5 openSUSE Leap 15.6 SUSE Linux Enterprise Server SLES 12 SP5 SLES 15 SP6 SLES 15 SP7 Description An integer overflow exists in iputils, specifically within the ping statistics...

PT-2025-21816 · D Link · D-Link Dcs-932L

Name of the Vulnerable Software and Affected Versions: D-Link DCS-932L version 2.18.01 Description: A critical issue affects the function SubUPnPCSInit of the file /sbin/udev. The manipulation of the argument CameraName leads to a stack-based buffer overflow. It is possible to initiate the attack...

PT-2025-18061 · Unknown · 20120630 Novel-Plus

Name of the Vulnerable Software and Affected Versions: Novel-Plus versions 20120630 through 0e156c04b4b7ce0563bef6c97af4476fcda8f160 Description: A critical vulnerability has been found in Novel-Plus, affecting the deleteIndex function of the LogController.java file. This leads to improper...

Exploit for CVE-2025-29927

CVE-2025-29927 ★ CVE-2025-29927 Next.js middleware bypass PoC...

PT-2025-15111 · Unknown · Codeprojects Online Restaurant Management System

Name of the Vulnerable Software and Affected Versions: codeprojects Online Restaurant Management System version 1.0 Description: A critical vulnerability was found in codeprojects Online Restaurant Management System. This affects an unknown part of the file /admin/reservation view.php. The...