GPUBreach: Privilege Escalation Attacks on GPUs Using Rowhammer

NVIDIA GPUs with GDDR memories have been shown susceptible to Rowhammer-based bit-flips, similar to CPUs. However, Rowhammer exploits on GPUs have been limited to injecting untargeted bit-flips in victim data like weights of machine learning models, to degrade model accuracy, unlike CPU exploits...

CVE-2026-42373

D-Link DIR-605L Hardware Revision B2 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76dlwbrdir605L" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

CVE-2026-42375

D-Link DIR-600L A1 (End-of-Life) is affected by CVE-2026-42375 due to a hardcoded telnet backdoor. The device runs a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u u...

CVE-2026-42374

D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

EUVD-2026-27021

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

CVE-2026-21915

The CVE describes a vulnerability in Juniper Networks’ JSI Virtual Lightweight Collector (vLWC). A Permissive List of Allowed Input in the CLI enables local, high-privilege attackers to inject shell commands that run with root permissions, potentially yielding full system control. Affected: all J...

Exploit for OS Command Injection in Vsftpd_Project Vsftpd

🧨 Metasploitable 2 Penetration Testing Lab 📅 Duration 2026...

CVE-2026-24740

CVE-2026-24740 summary (Dozzle) : Dozzle’s agent-backed shell endpoints permit a user restricted by a per-user label filter (for example, label=env=dev) to obtain an interactive root shell in containers outside the user’s label scope (for example, env=prod) on the same agent host. The root cause ...

Raisecomm RAX701-GC Series

RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to bypass authentication and gain unauthenticated root shell access to the affected devices. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...

TP-Link Omada gateways 安全漏洞

TP-Link Omada gateways is a security gateway from China P&L TP-Link. A security vulnerability exists in TP-Link Omada gateways, which originates from restricted conditions where an attacker can gain access to the underlying operating system root shell...

CVE-2025-60856

Reolink Video Doorbell WiFi DB566128M5MPW allows root shell access through an unsecured UART/serial console. An attacker with physical access can connect to the exposed interface and execute arbitrary commands with root privileges. NOTE: this is disputed by the Supplier because of "certain...

EUVD-2018-12585

Malware in sbrugna...

EUVD-2017-5833

Malware in sbrugna...

EUVD-2020-2717

Malware in sbrugna...

EUVD-2017-5832

Malware in sbrugna...

EUVD-2016-0919

Malware in sbrugna...

EUVD-2019-7072

Malware in sbrugna...

EUVD-2021-21372

Malware in sbrugna...

EUVD-2020-24688

Malware in sbrugna...

EUVD-2018-7249

Malware in sbrugna...