EUVD-2025-29096

Malicious code in bioql PyPI...

CVE-2025-10370 MiczFlor RPi-Jukebox-RFID userScripts.php cross site scripting

A vulnerability was identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This vulnerability affects unknown code of the file /htdocs/userScripts.php. The manipulation of the argument Custom script leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is...

CVE-2025-9715 O2OA Personal Profile script cross site scripting

A vulnerability was found in O2OA up to 10.0-410. Affected is an unknown function of the file /xcmsassemblecontrol/jaxrs/script of the component Personal Profile Page. The manipulation of the argument name/alias/description results in cross site scripting. The attack can be launched remotely. The...

CVE-2019-5012

An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise the...

whois-ip NSE Script

Queries the WHOIS services of Regional Internet Registries RIR and attempts to retrieve information about the IP Address Assignment which contains the Target IP Address. The fields displayed contain information about the assignment and the organisation responsible for managing the address space...

Nmap NSE 6.01: ssh-hostkey

Shows SSH hostkeys. Shows the target SSH server's key fingerprint and with high enough verbosity level the public key itself. It records the discovered host keys in 'nmap.registry' for use by other scripts. Output can be controlled with the 'sshhostkey' script argument. The script also includes a...

Nmap NSE 6.01: dns-zone-transfer

Requests a zone transfer AXFR from a DNS server. The script sends an AXFR query to a DNS server. The domain to query is determined by examining the name given on the command line, the DNS server's hostname, or it can be specified with the dns-zone-transfer.domain' script argument. If the query is...

backorifice-brute NSE Script

Performs brute force password auditing against the BackOrifice service. The backorifice-brute.ports script argument is mandatory it specifies ports to run the script against. Script Arguments backorifice-brute.ports mandatory List of UDP ports to run the script against separated with "," ex...

resolveall NSE Script

NOTE: This script has been replaced by the --resolve-all command-line option in Nmap 7.70 Resolves hostnames and adds every address IPv4 or IPv6, depending on Nmap mode to Nmap's target list. This differs from Nmap's normal host resolution process, which only scans the first address A or AAAA...

snmp-interfaces NSE Script

Attempts to enumerate network interfaces through SNMP. This script can also be run during Nmap's pre-scanning phase and can attempt to add the SNMP server's interface addresses to the target list. The script argument snmp-interfaces.host is required to know what host to probe. To specify a port f...

smb-psexec NSE Script

Implements remote process execution similar to the Sysinternals' psexec tool, allowing a user to run a series of programs on a remote machine and read the output. This is great for gathering information about servers, running the same tool on a range of system, or even installing a backdoor on a...