EUVD-2025-4563

Malicious code in bioql PyPI...

SUSE CVE-2025-27090

Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the...

Server-side Request Forgery

github.com/bishopfox/sliver is vulnerable to Server-side Request Forgery. The vulnerability is due to improper authorization and lack of validation in the Sliver teamserver's reverse port forwarding mechanism, which allows the implant to open a reverse tunnel without operator instruction...

CVE-2025-27090

Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the...

CVE-2025-27090

Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the...

GHSA-FH4V-V779-4G2W SSRF in sliver teamserver

Summary The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so Reproduction steps Run server wget...

CVE-2025-27090 Server-Side Request Forgery (SSRF) in sliver teamserver

Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the...

CVE-2025-27090

CVE-2025-27090 pertains to Sliver, an open-source adversary emulation framework. The issue is in the reverse port forwarding feature of the Sliver teamserver: the implant can open a reverse tunnel without verifying operator intent. The documented impact is the exposure of the server’s IP address ...

CVE-2025-27090 Server-Side Request Forgery (SSRF) in sliver teamserver

Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the...

A Red Teamer’s guide to pivoting

A Red Teamer’s guide to pivoting A Red Teamer's guide to pivoting Penetration testers often traverse logical network boundaries in order to gain access to client’s critical infrastracture. Common scenarios include developing the attack into the internal network after successful perimeter breach o...

Python - socket.recvfrom_into() Remote Buffer Overflow

Python - socket.recvfrominto Remote Buffer Overflow !/usr/bin/env python ''' Exploit Title: python socket.recvfrominto remote buffer overflow Date: 21/02/2014 Exploit Author: @sha0coder Vendor Homepage: python.org Version: python2.7 and python3 Tested on: linux 32bit + python2.7 CVE : CVE-2014-19...

Unreal Tournament - Remote Buffer Overflow (SEH)

Unreal Tournament - Remote Buffer Overflow SEH Unreal Tournament Remote Buffer Overflow Exploit SEH Windows Discovered by: Luigi Auriemma http://aluigi.altervista.org/adv/unsecure-adv.txt Coded By: Fulcrum 08/02/2011 Patch: http://www.unrealadmin.org/forums/showthread.php?t=15616 Vulnerable: all...

ASUS DPC Proxy 2.0.0.16/19 - Remote Buffer Overflow

/ Dreatica-FXP crew ---------------------------------------- Target : ASUS DPC Proxy 2.0.0.16/2.0.0.24 ---------------------------------------- Exploit : ASUS DPC Proxy 2.0.0.16/2.0.0.19 Remote Buffer Overflow Exploit Exploit date : 02.04.2008 Exploit writer : Heretic2 [email protected] OS :...