CVE-2025-53869

Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...

PT-2025-52520

Name of the Vulnerable Software and Affected Versions AspEmail version 5.6.0.2 Description The software contains a binary permission issue that allows local users to gain higher system access. An attacker can replace the service executable within the BIN directory, due to full write permissions, ...

CVE-2021-32926

When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller Micro800: Al...

jenkins: lack of type validation in agent related REST API

A flaw was found in Jenkins. Due to lack of validation of type of object created after loading the data submitted to the config.xml REST API endpoint of a node, an attackers with Computer/Configure permission are able to replace a node with one of a different type...

install-nw code execution vulnerability

install-nw is a tool for installing and caching NW.j modules. A security vulnerability exists in versions prior to install-nw 1.1.5, which originates when the program downloads binary resources over the HTTP protocol. A remote attacker can exploit the vulnerability by replacing the requested bina...

Dnsmorph - Domain Name Permutation Engine Written In Go

DNSMORPH is a domain name permutation engine, inspired by dnstwist. It is written in Go making for a compact and very fast tool. It robustly handles any domain or subdomain supplied and provides a number of configuration options to tune permutation runs. DNSMORPH includes the following domain...