CVE-2026-35512

xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX graphics dynamic virtual channel implementation due to insufficient validation of client-controlled size parameters, allowing an out-of-bounds write via crafted PDUs. Pre-authentication...

Exploit for Improper Authentication in Cisco Catalyst_Sd-Wan_Manager

CVE-2026-20127---Cisco-SD-WAN-Preauth-RCE Cisco SD-WAN Zero-...

📄 WordPress Tatsu 3.3.11 Shell Upload

WordPress Tatsu plugin version 3.3.11 proof of concept unauthenticated remote shell upload exploit. ============================================================================================================================================= | Title : WordPress Tatsu 3.3.11 Plugin Unauthenticated...

EUVD-2025-23201

Malicious code in bioql PyPI...

CVE-2025-50464

A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENTTYPE HTTP header into a fixed-size stack buffer v8, allocated 8 bytes without...

CVE-2025-50464

A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENTTYPE HTTP header into a fixed-size stack buffer v8, allocated 8 bytes without...

CVE-2025-50464

A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENTTYPE HTTP header into a fixed-size stack buffer v8, allocated 8 bytes without...

CVE-2025-50464

A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENTTYPE HTTP header into a fixed-size stack buffer v8, allocated 8 bytes without...

CVE-2025-50464

The CVE-2025-50464 affects iptime NAS firmware v1.5.04. The issue is a pre-authentication buffer overflow in the upload.cgi module caused by unsafe use of strcpy to copy attacker-controlled data from the CONTENT_TYPE HTTP header into a fixed-size stack buffer (8 bytes). This can be exploited befo...

PT-2025-31431 · Iptime · Iptime Nas Firmware

Name of the Vulnerable Software and Affected Versions: iptime NAS firmware version 1.5.04 Description: A buffer overflow exists in the upload.cgi module due to the unsafe use of the strcpy function. This function copies data from the CONTENT TYPE HTTP header into a fixed-size stack buffer 8 bytes...

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-32433Erlang-OTP This script is a custom security too...

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-32433Erlang-OTP This script is a custom security too...

Commvault Command Center Innovation Release 11.38 Remote Code Execution

Commvault Command Center Innovation Release version 11.38 proof of concept pre-authentication remote code execution exploit...

CVE-2025-28032

The CVE-2025-28032 issue affects TOTOLINK router models A800R, A810R, A830R, A950RG, A3000RU, and A3100R, with a pre-auth buffer overflow in the setNoticeCfg function via the IpForm parameter. Root cause: buffer overflow in pre-auth code path. Impact is described as a vulnerability in the provide...

Exploit for CVE-2020-11651

CVE-2020-11651 This is a POC for CVE-2020-11651, which obtain...

Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit

No description provided by source. !/usr/bin/python PRE AUTHENTICATION Eudora Qualcomm WorldMail 3.0 IMAPd Service 6.1.19.0 Overflow. Discovered by Tim Shelton - [email protected] Coded by [email protected] Details: SEH gets overwritten at 970 bytes in the LIST command. No space...