CVE-2019-7655

Wowza Streaming Engine 4.8.0 and earlier from multiple authenticated XSS vulnerabilities via the 1 customList%5B0%5D.value field in enginemanager/server/serversetup/editadv.htm of the Server Setup configuration or the 2 host field in enginemanager/jspringsecuritycheck of the login form. This issu...

CVE-2025-66422

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

EUVD-2025-199919

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

trytond allows remote attackers to obtain sensitive trace-back (server setup) information

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVE-2025-66422

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

UBUNTU-CVE-2025-66422

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVE-2025-66422

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVE-2025-66422

Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

EUVD-2019-9400

Malware in sbrugna...

Exploit for External Control of File Name or Path in Microsoft

CVE-2025-33053 Proof Of Concept This repository provides scri...

CVE-2023-0207

NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service...

Exploit for Improper Input Validation in Microsoft

Explotación de CVE-2024-21413 Outlook Estado del proyecto:...

📄 SilverStripe 5.3.8 Cross Site Scripting

SilverStripe version 5.34.8 suffers from a persistent cross site scripting vulnerability. Exploit Title: SilverStripe 5.3.8 - Stored Cross Site Scripting XSS Authenticated Date: 2025-01-15 Exploit Author: James Nicoll Vendor Homepage: https://www.silverstripe.org/ Software Link:...

Exploit for Cross-site Scripting in Warfareplugins Social_Warfare

CVE-2019-9978 - Social Warfare WordPress Plugin RCE system'ca...

Exploit for CVE-2025-29927

Next.js POC for CVE-2025-29927 - Authorization Bypass in Ne...

CVE-2024-39798

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an external configuration control vulnerability that originates from the openvpn.cgi openvpnserversetup function's openport parameter failing to correctly filter constructed command special characters,...

How to Set Up Syslog to Capture Logs Real Time on a Central Location

This article describes how set up a Syslog server when you are experiencing issues across multiple XenServers and need to capture logs real-time on a central location...

GHSA-XRVH-RVC4-5M43 Kirby vulnerable to unrestricted file upload of user avatar images

TL;DR This vulnerability affects all Kirby sites that might have potential attackers in the group of authenticated Panel users. The attack requires user interaction by another user or visitor and cannot be automated. ---- Introduction Unrestricted upload of files with a dangerous type is a type o...

NVIDIA DGX-2 安全漏洞

The NVIDIA DGX-2 is a high-performance workstation for deep learning from NVIDIA, Inc. The NVIDIA DGX-2™ is NVIDIA's first 2 petaFLOPS appliance to integrate 16 NVIDIA V100 Tensor core GPUs, making it an excellent platform for tackling complex AI challenges. A security vulnerability exists in...