1827 matches found
Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their arsenals for...
BPFDoor’s Hidden Controller Used Against Asia, Middle East Targets
A controller linked to BPF backdoor can open a reverse shell, enabling deeper infiltration into compromised networks. Recent attacks have been observed targeting the telecommunications, finance, and retail sectors across South Korea, Hong Kong, Myanmar, Malaysia, and Egypt...
CVE-2025-32383
MaxKB Max Knowledge Base is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell...
CVE-2025-32383
MaxKB Max Knowledge Base is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell...
CVE-2025-32383 MaxKB has a reverse shell vulnerability in function library
MaxKB Max Knowledge Base is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell...
CVE-2025-32383 MaxKB has a reverse shell vulnerability in function library
MaxKB Max Knowledge Base is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation RAG. A reverse shell vulnerability exists in the module of function library. The vulnerability allow privileged users to create a reverse shell...
CVE-2025-32383
MaxKB (Max Knowledge Base) has a reverse shell vulnerability in the function library module that could allow privileged users to create a reverse shell. The issue is fixed in version 1.10.4-lts. Affected software is MaxKB; root cause details are not elaborated in the provided documents. Remediati...
MaxKB 代码注入漏洞
MaxKB is a 1Panel-dev open source open source knowledge base question and answer system based on a large language model and RAG. MaxKB suffers from a code injection vulnerability that stems from a reverse shell vulnerability in the function library module that allows a privileged user to create a...
PT-2025-15982 · Maxkb · Maxkb
Name of the Vulnerable Software and Affected Versions: MaxKB versions prior to 1.10.4-lts Description: A reverse shell vulnerability exists in the module of the function library, allowing privileged users to create a reverse shell. This issue is related to the function library module...
MAL-2025-191731 Malicious code in flask-auth-system (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 debc87eb7af33e5146831c7e1b8ff69ccdebe2c9bbf353216c719b10ebe8431c On importing the module, the code attempts to span a reverse shell. In the current version, the remote domain does not exist --- Category: MALICIOUS - The...
Malicious code in flask-auth-sys (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a241889bfae20aee5395660063d13f337aa9733c14b02bf2edb004d6d36e1d41 On importing the module, the code attempts to span a reverse shell. In the current version, the remote domain does not exist --- Category: MALICIOUS - The...
Malicious code in flask-auth-system (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 debc87eb7af33e5146831c7e1b8ff69ccdebe2c9bbf353216c719b10ebe8431c On importing the module, the code attempts to span a reverse shell. In the current version, the remote domain does not exist --- Category: MALICIOUS - The...
MAL-2025-191730 Malicious code in flask-auth-sys (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a241889bfae20aee5395660063d13f337aa9733c14b02bf2edb004d6d36e1d41 On importing the module, the code attempts to span a reverse shell. In the current version, the remote domain does not exist --- Category: MALICIOUS - The...
Exploit for CVE-2025-1974
CVE-2025-1974: Kubernetes Ingress Nginx Controller 취약점 분석 및 Po...
Exploit for Out-of-bounds Write in Gibbonedu Gibbon
CVE-2023-45878 GibbonEdu Arbitrary File Write to Web Shell...
Exploit for Out-of-bounds Write in Gibbonedu Gibbon
CVE-2023-45878 to RCE !cve-2023-45878torcehttps://github...
Exploit for CVE-2025-1974
PoC exploit for CVE-2025-1974, an Ingress RCE vulnerability. The...
Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks
Cybersecurity researchers have discovered two malicious packages on the npm registry that are designed to infect another locally installed package, underscoring the continued evolution of software supply chain attacks targeting the open-source ecosystem. The packages in question are...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
It is an offensive tool for web application exploitation. The re...
Malicious code in prmduc193 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 766c3df26ad3e62a1923e1c6879348aba96deafb8bf62a1555c589b57cd91fc0 Importing the package starts a revshell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-03-prmduc193...