CVE-2025-68953 Certain Frappe requests are vulnerable to Path Traversal

Frappe is a full-stack web application framework. Versions 14.99.5 and below and 15.0.0 through 15.80.1 include requests that are vulnerable to path traversal attacks. Arbitrary files from the server could be retrieved due to a lack of proper sanitization on some requests. This issue is fixed in...

EUVD-2025-206230

Frappe is a full-stack web application framework. Versions 14.99.5 and below and 15.0.0 through 15.80.1 include requests that are vulnerable to path traversal attacks. Arbitrary files from the server could be retrieved due to a lack of proper sanitization on some requests. This issue is fixed in...

CVE-2025-68953 Certain Frappe requests are vulnerable to Path Traversal

Frappe is a full-stack web application framework. Versions 14.99.5 and below and 15.0.0 through 15.80.1 include requests that are vulnerable to path traversal attacks. Arbitrary files from the server could be retrieved due to a lack of proper sanitization on some requests. This issue is fixed in...

HTTPS Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an RISC-V 64-bit payload from an HTTPS server. Connect back to attacker and spawn a command shell. Module Options msf use payload/cmd/linux/https/riscv64le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf...

TFTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an RISC-V 64-bit payload from a TFTP server. Connect back to attacker and spawn a command shell. Module Options msf use payload/cmd/linux/tftp/riscv64le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf...

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an RISC-V 64-bit payload from an HTTP server. Connect back to attacker and spawn a command shell. Module Options msf use payload/cmd/linux/http/riscv64le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf...

PT-2026-1347

Name of the Vulnerable Software and Affected Versions Frappe versions 14.99.5 and below and 15.0.0 through 15.80.1 Description Frappe, a full-stack web application framework, contains a path traversal issue in certain requests. Insufficient input sanitization allows the potential retrieval of...

XLST-XML-PAYLOAD-GENERATOR

XLST-XML-PAYLOAD-GENERATOR This project is a...

Exploit for Code Injection in Microsoft

Reverse Shell-able Exploit POCs Sharing the list of Windows e...

Exploit for Code Injection in Microsoft

Reverse Shell-able Exploit POCs Sharing the list of Windows e...

Exploit for CVE-2024-25600

🧱 BrickBreaker !Pythonhttps://img.shields.io/badge/Pytho...

LFI-DVWA-Lab-

LFI Exploitation – DVWA Lab 📌 Overview This project demons...

[SECURITY] Fedora 42 Update: nginx-1.28.1-1.fc42

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

[SECURITY] Fedora 43 Update: nginx-1.28.1-1.fc43

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

GHSA-VFRF-VCJ7-WVR8 Signal K Server Vulnerable to Access Request Spoofing

The SignalK access request system has two related features that when combined by themselves and with the infromation disclosure vulnerability enable convincing social engineering attacks against administrators. When a device creates an access request, it specifies three fields: clientId,...

PT-2026-23852

Name of the Vulnerable Software and Affected Versions Apache ZooKeeper versions prior to 3.8.6 Apache ZooKeeper versions prior to 3.9.5 Description A flaw exists in the hostname verification process within Apache ZooKeeper’s ZKTrustManager. When IP Subject Alternative Name SAN validation fails, t...

CVE-2023-54201

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

SUSE CVE-2023-54201

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

EUVD-2023-60440

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

CVE-2023-54201

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...