CVE-2026-33682 Streamlit on Windows has Unauthenticated SSRF Vulnerability (NTLM Credential Exposure)

Streamlit is a data oriented application development framework for python. Streamlit Open Source versions prior to 1.54.0 running on Windows hosts have an unauthenticated Server-Side Request Forgery SSRF vulnerability. The vulnerability arises from improper validation of attacker-supplied...

PT-2023-2981 · D Link · D-Link Dir-300

Name of the Vulnerable Software and Affected Versions: D-Link DIR-300 firmware versions =REVA1.06 and =REVB2.06 Description: The issue is related to incorrect external control of a file name or path in the /model/ lang msg.php script of the D-Link DIR-300 router's firmware. This can be exploited ...

Redis File Upload

This module can be used to leverage functionality exposed by Redis to achieve somewhat arbitrary file upload to a file and directory to which the user account running the redis instance has access. It is not totally arbitrary because the exact contents of the file cannot be completely controlled...

Microsoft Windows Media Center - MCL (MS15-100) (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS15-100 Microsoft Windows Media Center MCL Vulnerability", 'Description' = %q This module exploits a vulnerability in Windows Media...

[slackware-security] pidgin (SSA:2013-044-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security pidgin SSA:2013-044-01 New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...