
439 matches found

Packet Storm
added 2025/04/03 12:00 a.m. · 421 views

Tomcat Partial PUT Java Deserialization

This Metasploit module exploits a Java deserialization vulnerability in Apache Tomcat's session restoration functionality that can be exploited with a partial HTTP PUT request to place an attacker-controlled deserialization payload in the tomcatrootdir/webapps/ROOT/ directory. For the exploit to...

CVSS 9.8 · AI score 9 · EPSS 0.99945
Exploits: 45

BDU FSTEC
added 2025/04/03 12:00 a.m. · 3 views

The vulnerability in IBM Common Cryptographic Architecture (CCA) is a write beyond buffer boundaries in memory, which allows an attacker to trigger a failure in the operation of the Hardware Security Module (HSM).

The vulnerability in IBM Common Cryptographic Architecture (CCA) is a write beyond buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause a failure in the Hardware Security Module (HSM) by usin...

CVSS 6.8 · AI score 5.7 · EPSS 0.00346
Exploits: 0 · References: 3 · Affected Software: 2

NVD
added 2025/03/31 7:15 a.m. · 9 views

CVE-2025-3019

KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or opens a malicious web page, arbitrary JavaScript may be executed with this user's permissions. This can lead to information loss and/or modification of existin...

CVSS 7.2 · EPSS 0.00231
Exploits: 0 · References: 1

Vulnrichment
added 2025/03/31 6:49 a.m. · 5 views

CVE-2025-3019 Cross-site scripting vulnerabilities in KNIME Business Hub web pages

KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or opens a malicious web page, arbitrary JavaScript may be executed with this user's permissions. This can lead to information loss and/or modification of existin...

CVSS 5.3 · AI score 6.1 · EPSS 0.00231
Exploits: 0 · References: 1

Positive Technologies
added 2025/03/31 12:00 a.m. · 3 views

PT-2025-13669 · Unknown +1 · Nuxt-Security +1

Name of the Vulnerable Software and Affected Versions: KNIME Business Hub versions prior to 1.12.4; KNIME Business Hub versions prior to 1.13.3. Description: The issue is caused by a bug in the widely used nuxt-security module, which leads to cross-site scripting vulnerabilities in KNIME Business...

CVSS 5.3 · AI score 5.9 · EPSS 0.00231
Exploits: 0 · References: 10

Metasploit
added 2025/03/27 6:50 p.m. · 485 views

SonicWall HTTP Login Scanner

This module adds HTTP Login scanning for SonicWall NSv. It allows scanning both admin and user accounts. Module Options msf use auxiliary/scanner/sonicwall/sonicwalllogin msf auxiliarysonicwalllogin show actions ...actions... msf auxiliarysonicwalllogin set ACTION msf auxiliarysonicwalllogin show...

AI score 5.8
Exploits: 0

RedhatCVE
added 2025/03/13 5:37 p.m. · 6 views

CVE-2024-49823

IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module (HSM) using a specially crafted sequence of valid requests...

CVSS 6.5 · AI score 6.4 · EPSS 0.00346
Exploits: 0 · References: 1

Positive Technologies
added 2025/03/12 12:00 a.m. · 4 views

PT-2025-11057 · Google · Android

Name of the Vulnerable Software and Affected Versions: main.cpp (affected versions not specified). Description: A logic error in the code within main of main.cpp may allow bypassing SELinux. This could lead to local escalation of privilege without requiring additional execution privileges or user...

CVSS 8.8 · AI score 7.5 · EPSS 0.00283
Exploits: 0 · References: 5

NVD
added 2025/03/11 1:15 a.m. · 8 views

CVE-2024-49823

IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module (HSM) using a specially crafted sequence of valid requests...

CVSS 6.5 · EPSS 0.00346
Exploits: 0 · References: 1

OSV
added 2025/03/11 1:15 a.m. · 1 views

CVE-2024-49823

IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module (HSM) using a specially crafted sequence of valid requests...

CVSS 6.5 · AI score 5.8
Exploits: 0 · References: 1

Vulnrichment
added 2025/03/11 12:48 a.m. · 8 views

CVE-2024-49823 IBM Common Cryptographic Architecture denial of service

IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module (HSM) using a specially crafted sequence of valid requests...

CVSS 6.5 · AI score 6.7 · EPSS 0.00346
Exploits: 0 · References: 1

Cvelist
added 2025/03/11 12:48 a.m. · 28 views

CVE-2024-49823 IBM Common Cryptographic Architecture denial of service

IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module (HSM) using a specially crafted sequence of valid requests...

CVSS 6.5 · EPSS 0.00346
Exploits: 0 · References: 1

CVE
added 2025/03/11 12:48 a.m. · 53 views

CVE-2024-49823

IBM Common Cryptographic Architecture (CCA) vulnerability CVE-2024-49823 affects CCA versions 7.0.0–7.5.51. An authenticated user could cause a denial of service in the IBM Hardware Security Module (HSM) by sending a specially crafted sequence of valid requests. The bulletin lists CWE-787 (Out-of...

CVSS 6.5 · AI score 6.7 · EPSS 0.00346
Exploits: 0 · References: 1 · Affected Software: 1

Tenable Nessus
added 2025/03/05 12:00 a.m. · 10 views

Linux Distros Unpatched Vulnerability : CVE-2022-49180

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - LSM: general protection fault in legacy_parse_param. The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code...

CVSS 5.5 · AI score 6.5 · EPSS 0.00247
Exploits: 0 · References: 2

OSV
added 2025/02/26 1:55 a.m. · 15 views

CVE-2022-49180 LSM: general protection fault in legacy_parse_param

In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacy_parse_param. The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular...

CVSS 5.5 · AI score 5.3 · EPSS 0.00247
Exploits: 0 · References: 9

CNNVD
added 2025/02/26 12:00 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from an error code returned by the LSM module when handling the mount option leading to caller confusion and...

CVSS 5.5 · AI score 5.6 · EPSS 0.00247
Exploits: 0 · References: 7

The Hacker News
added 2025/02/24 11:17 a.m. · 20 views

Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats

Google Cloud has announced quantum-safe digital signatures in Google Cloud Key Management Service (Cloud KMS) for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers. The feature, currently in preview, coexists with...

AI score 7.1
Exploits: 0

Metasploit
added 2025/02/20 6:55 p.m. · 516 views

HTTP Fetch, Reverse TCP Stager

Fetch and execute an AARCH64 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/http/aarch64/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...

AI score 7.2
Exploits: 0

Metasploit
added 2025/02/20 6:55 p.m. · 370 views

HTTP Fetch

Fetch and execute a PPC64LE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/ppc64le/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...sho...

AI score 7.2
Exploits: 0

Metasploit
added 2025/02/20 6:55 p.m. · 334 views

HTTPS Fetch

Fetch and execute an MIPSLE payload from an HTTPS server. Module Options msf use payload/cmd/linux/https/ppc/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show...

AI score 5.8
Exploits: 0