cacti -- Multiple vulnerabilities

Cacti repo reports: security GHSA-c5j8-jxj3-hh36: Authenticated RCE via multi-line SNMP responses security GHSA-f9c7-7rc3-574c: SQL Injection vulnerability when using tree rules through Automation API security GHSA-fh3x-69rr-qqpp: SQL Injection vulnerability when request automation devices securi...

PT-2025-1537

Name of the Vulnerable Software and Affected Versions Prusa PrusaSlicer versions prior to 2.6.2 Description A crafted 3mf project file can lead to arbitrary code execution on a host system during the process of slicing the project and exporting G-code. This issue occurs within the PostProcessor.c...

RCE (Remote Code Execution) org.apache.avro:avro Dependency in Bitbucket Data Center and Server

This High severity org.apache.avro:avro Dependency vulnerability was introduced in versions 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0, 8.15.0, 8.16.0, 8.17.0, 8.18.0, 8.19.0, 9.0.0, 9.1.0, and 9.2.0 of Bitbucket Data Center and Server. This org.apache.avro:avro Dependency...

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to jsonpath-plus (CVE-2024-21534) and cookie (CVE-2024-47764)

Summary IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to jsonpath-plus CVE-2024-21534 and cookie CVE-2024-47764. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-21534 DESCRIPTION: Versions of the package...

CVE-2025-24364 vaultwarden allows RCE in the admin panel

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Attacker with authenticated access to the vaultwarden admin panel can execute arbitrary code in the system. The attacker could then change some settings to use sendmail as mail agent but adjus...

A Pwn2Own SpiderMonkey JIT Bug

A Pwn2Own SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE. This repository contains proof of concept, exploit, and analysis slide for CVE-2024-29943...

Metasploit Weekly Wrap-Up 01/24/2025

LibreNMS Authenticated RCE module and ESC15 improvements This week the Metasploit Framework was blessed with an authenticated RCE module in LibreNMS, an autodiscovering PHP/MySQL-based network monitoring system. An authenticated attacker can create dangerous directory names on the system and alte...

Important: tomcat9

Issue Overview: Time-of-check Time-of-use TOCTOU Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write non-default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through...

Exploit for CVE-2024-415770

CVE-2024-415770-SSRF-RCE Description This script is desig...

Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity

Exploiting CVE-2024-27198-RCE Vulnerability In this project, I...

LibreNMS Authenticated Remote Code Execution Exploit

An authenticated attacker can create dangerous directory names on the system and alter sensitive configuration parameters through the web portal. Those two defects combined then allows to inject arbitrary OS commands inside shellexec calls, thus achieving arbitrary code execution. This module...

Debian dla-4017 : libtomcat9-embed-java - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4017 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4017-1 [email protected]...

Microsoft .NET Framework RCE Vulnerability (KB5050182)

This host is missing an important security update according to Microsoft KB5050182 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Excel 2016 RCE Vulnerability (KB5002673)

This host is missing an important security update according to Microsoft KB5002673 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

BIT-PHP-MIN-2022-31625 Freeing unallocated memory in php_pgsql_free_params()

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or...

CVE-2025-0282 and CVE-2025-0283: Critical Ivanti 0days Exploited in the Wild

Detect and mitigate CVE-2025-0282, a critical RCE vulnerability in Ivanti Connect Secure and CVE-2025-0283, exploited as 0day vulnerabilities in the wild. Organizations should patch urgently...

openSUSE Security Advisory (SUSE-SU-2025:0033-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

.NET Core RCE Vulnerability (January-1 2025)

This host is missing an important security update according to Microsoft security update January 2025. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

FreeBSD : Apache Tomcat -- RCE due to TOCTOU issue in JSP compilation (ed0a052a-c5e6-11ef-a457-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ed0a052a-c5e6-11ef-a457-b42e991fc52e advisory. [email protected] reports: Time-of-check Time-of-use TOCTOU Race Condition The mitigation for...

Mageia: Security Advisory (MGASA-2024-0394)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...