Heap-based Buffer Overflow
Overview: OpenEXR is a set of Python bindings for the OpenEXR image file format. Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the undo_zip_impl function during a write operation when decompressing ZIPS-packed deep scan-line EXR files. An attacker can write arbitrary data to...
CVE-2025-8213 NinjaScanner – Virus & Malware scan <= 3.2.5 - Authenticated (Administrator+) Arbitrary File Deletion
The NinjaScanner – Virus & Malware scan plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'nscanajaxquarantine' and 'nscanquarantineselect' functions in all versions up to, and including, 3.2.5. This makes it possible for authenticated...
PT-2025-31521 · WordPress · Ninjascanner +1
Name of the Vulnerable Software and Affected Versions: NinjaScanner – Virus & Malware scan plugin for WordPress versions through 3.2.5. Description: The NinjaScanner – Virus & Malware scan plugin for WordPress is susceptible to arbitrary file deletion due to inadequate file path validation. This...
PT-2025-31587 · Openexr +1 · Openexr +1
Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 3.3.3. Description: OpenEXR, an image storage format used in the motion picture industry, contains a flaw. A heap-based buffer overflow can occur during a read operation when decompressing DWAA-packed scan-line EXR...
kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry. When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrated below. To prevent...
Exploit for CVE-2007-6750
ReconScan The purpose of this project is to develop scripts that can be useful in the pentesting workflow, be it for VulnHub VMs, CTFs, hands-on certificates, or real-world targets. The project currently consists of two major components: a script invoking and aggregating the results of existing...
A vulnerability in the Common Client Real-time Scan service of Trend Micro’s anti-virus software programs, Apex One and Apex One as a Service, allows attackers to escalate their privileges and execute arbitrary code within the SYSTEM context.
The vulnerability in the Common Client Real-time Scan function of Trend Micro's Apex One and Apex One as a Service anti-virus software stems from improper link resolution before file access. Exploiting this vulnerability can allow attackers to escalate their privileges and execute...
SMB Kerberos Not Working
The scan was configured to use Kerberos for Windows authentication, but Kerberos failed at least once for this host. There are many causes for Kerberos failure in a Windows environment. They include: Lack of time synchronization between the DC, scanner and target. DC or targets were not specified...
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers
A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an "active, large-scale" exploitation campaign. The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49704 (CVSS score: 8.8), a code injection and...
OSV-2025-530 Invalid-free in cli_pdf
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=429489013 Crash type: Invalid-free Crash state: cli_pdf cli_scanpdf cli_magic_scan...
PT-2025-34262 · Git · Clamav
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=429489013 Crash type: Invalid-free Crash state: cli_pdf cli_scanpdf cli_magic_scan...
Exploit for Improper Access Control in Elasticsearch
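Bug reports are welcome. Current version: AssetScan V1.3. Timeline: Initial version: November 28, 2019, V1.0 first version completed. Change 1: December 2, 2019, thanks to Shadow·J for reporting a file import error under Kali. Change 2: December 3, 2019, V1.1 released, added ARP liveness detection (rolled back, testing for bugs). Change 3: December 4, 2019, V1.2 released, fixed vulnerability script errors, fixed the weblogic script. Change 4: December 5, 2019, V1.2 revised, thanks to sevck for design ideas and for pointing out code style issues. Change 5: December 5, 2019, V1.2 revised, fixed an IP data handling error. Change 6: December 19, 2019...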
VulScan
MongoDB unauthorized access vulnerability detection: mongodbunauth.py, mongodbunauthmulti.py. Install: python3 -m pip install pymongo. mongodbunauth.py, single-IP check: python3 mongodbunauth.py ip port. zoounauthmulti.py, batch check: python3 mongodbunauthmulti.py /root/unAuth/mongodb/us.txt 10...
A vulnerability in the mwifiex_cmd_802_11_scan_ext() function in the drivers/net/wireless/marvell/mwifiex/scan.c file of the Linux kernel allows an attacker to cause a denial of service.
The vulnerability in the mwifiex_cmd_802_11_scan_ext function in the drivers/net/wireless/marvell/mwifiex/scan.c file of the Linux kernel stems from copying buffers without checking the input data. Exploiting this vulnerability could allow an attacker to cause a denial of service...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from PCI pwrctrl not canceling a scan job, which could lead to a use-after-free...
CVE-2024-51983
An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the...
Exploit for Improper Protection of Alternate Path in Vbulletin
💥 vBulletin Remote Code Execution Scanner replaceAdTemplate...
CVE-2024-51983 Unauthenticated Denial of Service (DoS) via malformed WS-Scan request affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.
An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the...
CVE-2024-51983
CVE-2024-51983 is an unauthenticated DoS affecting multiple Brother/Brother-related devices (printer/multifunction). The issue arises from improper validation of input in WS-Scan over Web Services (port 80); sending a WS-Scan SOAP request with an unexpected JobToken value crashes the device and ...