11228 matches found
MAL-2025-6432 Malicious code in anku1-rce (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 49fbe573576f7a8b2de883e6b11d60e3df40ffb8db7d62ba7f5d76a06ef4900c Installing starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-07-anku2-rce Reasons...
Malicious code in anku1-rce (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 49fbe573576f7a8b2de883e6b11d60e3df40ffb8db7d62ba7f5d76a06ef4900c Installing starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-07-anku2-rce Reasons...
Malicious code in anku2-rce (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4a0fdfa7bc3195d177e4d6e3dcad16eb59cc436e2b4dc48230b0c088546086fe Installing starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-07-anku2-rce Reasons...
MAL-2025-6433 Malicious code in anku2-rce (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4a0fdfa7bc3195d177e4d6e3dcad16eb59cc436e2b4dc48230b0c088546086fe Installing starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-07-anku2-rce Reasons...
BIT-PYTORCH-2024-48063
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing...
tomcat security update
1:9.0.87-3.el9_6.1 - Resolves: RHEL-91765 tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame CVE-2025-31650 - Resolves: RHEL-71981 tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 1:9.0.87-3 - Resolves: RHEL-82945 tomcat: Potential RCE and/or...
Important: tomcat security update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame CVE-2025-3165...
RHEL 9 : tomcat (RHSA-2025:11334)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:11334 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Incomplete fix for...
ALSA-2025:11332 Important: tomcat9 security update
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...
Important: tomcat security update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame CVE-2025-3165...
ALSA-2025:11335 Important: tomcat security update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame CVE-2025-3165...
Patch Tuesday - July 2025
Microsoft is addressing 137 vulnerabilities this July 2025 Patch Tuesday, which is above average. Microsoft is aware of public disclosure for just one of the vulnerabilities published today, and Microsoft isn’t aware of in-the-wild exploitation for any of today’s batch. This is the tenth...
CVE-2025-53836
CVE-2025-53836 affects XWiki Rendering where the default macro content parser did not preserve the restricted transformation context during nested macro execution, allowing macros normally forbidden in restricted mode (notably script macros) to run via nested macros such as cache and chart. Affec...
CVE-2025-53371
DiscordNotifications is an extension for MediaWiki that sends notifications of actions in your Wiki to a Discord channel. DiscordNotifications allows sending requests via curl and file_get_contents to arbitrary URLs set via $wgDiscordIncomingWebhookUrl and $wgDiscordAdditionalIncomingWebhookUrls...
CVE-2025-53371
DiscordNotifications is an extension for MediaWiki that sends notifications of actions in your Wiki to a Discord channel. DiscordNotifications allows sending requests via curl and file_get_contents to arbitrary URLs set via $wgDiscordIncomingWebhookUrl and $wgDiscordAdditionalIncomingWebhookUrls...
CVE-2025-53371 DiscordNotifications allows DOS, SSRF, and possible RCE through requests to user-controlled URLs
DiscordNotifications is an extension for MediaWiki that sends notifications of actions in your Wiki to a Discord channel. DiscordNotifications allows sending requests via curl and file_get_contents to arbitrary URLs set via $wgDiscordIncomingWebhookUrl and $wgDiscordAdditionalIncomingWebhookUrls...
Exploit for CVE-2024-3568
Exploitation of pickle deserialization vulnerabilities in Tran...
CVE-2025-34083
...
Microsoft Word 2016 RCE Vulnerability (KB5002745)
This host is missing an important security update according to Microsoft KB5002745.
PT-2025-28953
Ruckus Wireless Virtual SmartZone (vSZ) and Network Director (RND) solutions are affected by multiple vulnerabilities that could allow attackers to compromise managed environments, and they remain unpatched to date. Ruckus Wireless (Ruckus Networks) sells a wide...