EUVD-2018-3487

Malware in sbrugna...

EUVD-2023-31093

Malicious code in bioql PyPI...

EUVD-2025-8028

Malicious code in bioql PyPI...

NetApp SnapCenter Security Vulnerability

NetApp SnapCenter is a suite of applications from Network Appliance NetApp that provides the ability to back up, authenticate, clone, and restore NetApp storage systems. A security vulnerability exists in NetApp SnapCenter versions 4.8 through 4.9 that originates from allowing authenticated...

CVE-2023-20038

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerability is due to a static key value stored in the...

CVE-2023-20038

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerability is due to a static key value stored in the...

CVE-2023-20038

CVE-2023-20038 affects Cisco Industrial Network Director (IND). The issue is a static secret key used to encrypt application data and remote credentials, stored in the monitoring application. An authenticated, local attacker with access to the host could decrypt data to access remote systems moni...

PT-2023-1148 · Cisco · Cisco Industrial Network Director

Name of the Vulnerable Software and Affected Versions: Cisco Industrial Network Director affected versions not specified Description: A vulnerability in the monitoring application could allow an authenticated, local attacker to access a static secret key used to store both local data and...

Security Bulletin: Tivoli Storage Productivity Center clients affected by vulnerabilities in IBM JRE (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)

Abstract These vulnerabilities are only applicable to Java deployments where untrusted code may be executed under a security manager e.g. Java applets running in a web browser. Content VULNERABILITY DETAILS: CVE IDs: CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823 DESCRIPTION: There ar...

F5 BIG-IP multiple products have unspecified vulnerabilities

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing, etc. Several F5 BIG-IP products have security vulnerabilities that can be exploited by attackers to access certificate and key files from remote...

NIMax 5.3.1 - (Remote VISA System) Denial of Service Exploit

Exploit Title: NIMax 5.3.1 - 'Remote VISA System' Denial of Service PoC Exploit Author: LinxzSec Vulnerability: Local Denial of Service DoS Vendor Homepage: https://www.ni.com/en-gb.html Software Link: License Required - https://knowledge.ni.com/KnowledgeArticleDetails?id=kA03q000000YGQwCAO&l=en-...

CIMplant - C# Port Of WMImplant Which Uses Either CIM Or WMI To Query Remote Systems

C port of WMImplant which uses either CIM or WMI to query remote systems. It can use provided credentials or the current user's session. Note: Some commands will use PowerShell in combination with WMI, denoted with in the --show-commands command. Introduction CIMplant is a C rewrite and expansion...

Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems

Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS. Successful exploitation of the flaws could permit an "attacker to execute arbitrary programs on the underlying operating system with...

SMBv2 Symlink to Local File Vulnerability

SMBv2 supports symlinks on remote file systems by returning a special status code STATUSSTOPPEDONSYMLINK when a symlink is encountered on the remote share. It also returns a symlink reparse data buffer to be processed to determine where to redirect the request. While this is supported functionali...

Integrating Threat and Vulnerability Management with Patch Management: The (Feasible) Quantum Leap

The rise of sophisticated attacks combined with the security-skills shortage have driven many organizations to go back to basics and review their processes for vulnerability and patch management. The approach is definitely a winning one, given that shrinking and managing the vulnerability surface...

Information Disclosure

openshift is vulnerable to information disclosure attacks. The vulnerability exists as Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp...

A Post-Exploitation Scanning/Mapping Tool: Scavenger

SCAVENGER is a multi-threaded post-exploitation scanning tool for mapping systems and finding “interesting” and most frequently used files, folders and services. Once credentials are gained, it can scan remote systems Linux, Windows and OSX via services like SMB and SSH to scrape that system...

Ranger - Tool To Access And Interact With Remote Microsoft Windows Based Systems

A tool to support security professionals access and interact with remote Microsoft Windows based systems. This project was conceptualized with the thought process, we did not invent the bow or the arrow, just a more efficient way of using it. Ranger is a command-line driven attack and penetration...

CVE-2015-4289

Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.02049 allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920...

Directory traversal

Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.02049 allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920...