PT-2026-28128

I just got mass-mentioned in a GitHub Discussion claiming a "Severe Exploit" in Visual Studio Code. This is almost certainly a scam / malware attempt. Here’s why: Suspicious link: https://share.google/not showing you the actual link is not an official Microsoft or VS Code domain. Fake CVE format:...

EUVD-2025-197937

The Permalinks Cascade plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action in the handleTPCAdminAjaxRequest function. This makes it possible for...

CVE-2025-12372

The Permalinks Cascade plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action in the handleTPCAdminAjaxRequest function. This makes it possible for...

CVE-2025-12372

The CVE-2025-12372 entry concerns The Permalinks Cascade plugin for WordPress (up to version 2.2). The root cause is Missing Authorization in the handleTPCAdminAjaxRequest path, enabling authenticated users with subscriber-level access and above to perform unauthorized administrative actions (e.g...

CVE-2025-12372 The Permalinks Cascade <= 2.2 - Missing Authorization To Authenticated (Subscriber+) Plugin Settings Update

The Permalinks Cascade plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action in the handleTPCAdminAjaxRequest function. This makes it possible for...

Pinger 1.0 - Remote Code Execution

Title: Pinger 1.0 - Remote Code Execution Date: 2020-04-13 Author: Milad Karimi Vendor Homepage: https://github.com/wcchandler/pinger Software Link: https://github.com/wcchandler/pinger Tested on: windows 10 , firefox Version: 1.0 CVE : N/A...

Wizard Spider Upgrades Ryuk Ransomware to Reach Deep into LANs

The Ryuk ransomware has added two features to enhance its effectiveness: The ability to target systems that are in “standby” or sleep mode; and the use of Address Resolution Protocol ARP pinging to find drives on a company’s LAN. Both are employed after the initial network compromise of a victim...

Tunnel TCP connections over HTTP: Tunna

Tunnel TCP connections over HTTP Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. In a fully firewalled inbound and outbound connections restricted – except the webserver port. The...

Network Tool 0.2 PHPNuke Addon Metacharacter Filtering Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3552/info Network Tool is a PHPNuke addon, written and maintained by Rick Fournier. It is designed to offer network features such as nmap, traceroute, and ping from a web interface. A problem with the package has been...

Hack Record Book

Записная книга для хранения и обработки найденных на сайтах уязвимостей. Можно сохранить: + Ссылку. + Описание уязвимости. + ТИЦ, PR можно узнать автоматически. + Alexa rate. + Google indexed|not filtered pages count. + Дату и время записи. + Рейтинг уязвимости. + Ваши личные заметки по данному...

Input validation

Multiple unspecified "input validation" vulnerabilities in the Web management interface aka Messaging Administration interface in Avaya Message Storage Server MSS 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user...

sing pinging utility privilege escalation

-L parameter allow to ovewrite files...

fbsd-ping.txt

--0-1774392370-951065021=:49727 Content-Type: TEXT/PLAIN; charset=US-ASCII Attached unofficial patch to drop ICMP packets larger than 8184 bytes. E-Mail/Flame me if not liked... I wanted to be able to set the maximum value via sysctl but I'm not sure if I'll break anything, feel free to pick up...