Visual Studio Code Elevation of Privilege Vulnerability

Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

PT-2026-38742

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker wi...

EUVD-2026-13486

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware component: REST WebServices and Oracle Web Services Manager product of Oracle Fusion Middleware component: Web Services Security. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable...

CVE-2025-62456

Heap-based buffer overflow in Windows Resilient File System ReFS allows an authorized attacker to execute code over a network...

EUVD-2025-34378

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network...

Linux Distros Unpatched Vulnerability : CVE-2025-21536

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and pri...

GHSA-P2WH-W96X-W232 Ollama Denial of Service (DoS) via Null Pointer Dereference

A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service DoS attack via remote network...

CVE-2022-28664

A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.The freshtomato-mips has a vulnerable URL-decoding feature that...

UBUNTU-CVE-2022-21527

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Default credentials

Nuuo NT-4040 Titan, firmware NT-404001.07.0000.00151120, uses non-random default credentials of: admin:admin and localdisplay:111111. A remote network attacker can gain privileged access to a vulnerable device...

CVE-2016-6554

Affected products: Synology NAS DS107 (firmware 3.1-1639 and earlier), DS116, and DS213 (firmware earlier than 5.2-5644-1). Vulnerability: use of non-random default credentials (guest: blank, admin: blank) allows a remote network attacker to gain privileged access. Impact: attacker could obtain p...

Polycom Command Shell Authorization Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Polycom Command Shell Authorization Bypass', 'Alias' = 'polycomhdxauthbypass', 'Author' = 'Paul Haas ', module 'h00die ', submission/cleanup ,...

Update: Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials

Vulnerable Systems: Western Digital My Net Series Wireless Routers: N600 Firmware 1.03.12 N600 Firmware 1.04.16 N750 Firmware 1.03.12 N750 Firmware 1.04.16 N900 Firmware 1.05.12 N900 Firmware 1.06.18 N900 Firmware 1.06.28 N900C Firmware 1.05.12 N900C Firmware 1.06.18 N900C Firmware 1.06.28 CVE...

Western Digital My Net Wireless Routers - Password Disclosure

Exploit for hardware platform in category web applications Vulnerable Systems: Western Digital My Net Series Wireless Routers: N600 Firmware 1.03.12 N600 Firmware 1.04.16 N750 Firmware 1.03.12 N750 Firmware 1.04.16 N900 Firmware 1.05.12 N900 Firmware 1.06.18 N900 Firmware 1.06.28 N900C Firmware...

Western Digital My Net Password Disclosure

Vulnerable Systems: Western Digital My Net Series Wireless Routers: N600 Firmware 1.03.12 N600 Firmware 1.04.16 N750 Firmware 1.03.12 N750 Firmware 1.04.16 N900 Firmware 1.05.12 N900 Firmware 1.06.18 N900 Firmware 1.06.28 N900C Firmware 1.05.12 N900C Firmware 1.06.18 N900C Firmware 1.06.28 CVE...

SAP RFC SDK — Format String

Application: RFC SDK SAP AG Versions Affected: RFC SDK 6.40 7.11 Vendor URL: Bugs: Format String Vulnerability Exploits: YES Reported: 15.12.2009 Vendor response: 18.12.2009 Date of SAP Security Note Published: 14.09.2010 Date of Public Advisory: 14.12.2010 Author: Alexey Sintsov Description SAP...