CVE-2025-2515

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...

EUVD-2025-205290

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...

CVE-2025-2515 Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...

EUVD-2010-2483

Malware in sbrugna...

EUVD-2022-50253

Malicious code in bioql PyPI...

EUVD-2023-44924

Malicious code in bioql PyPI...

Exploit for CVE-2019-1322

COMahawk Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322 Video Demo https://vimeo.com/373051209 Usage Compile or Download from Release https://github.com/apt69/COMahawk/releases 1. Run COMahawk.exe 2. ??? 3. Hopefully profit or 1. COMahawk.exe "custom command to run" ie...

CVE-2025-20260 ClamAV PDF Scanning Buffer Overflow Vulnerability

A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service DoS condition, or execute arbitrary code on an affected device. This vulnerability exists because memory buffers are allocated...

CVE-2023-32841

In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID:...

CVE-2020-5569

An unquoted search path vulnerability exists in HDD Password tool for Windows version 1.20.6620 and earlier which is stored in CANVIO PREMIUM 3TBHD-MB30TY, HD-MA30TY, HD-MB30TS, HD-MA30TS, CANVIO PREMIUM 2TBHD-MB20TY, HD-MA20TY, HD-MB20TS, HD-MA20TS, CANVIO PREMIUM 1TBHD-MB10TY, HD-MA10TY,...

CVE-2025-32825

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetProjects' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

Design/Logic Flaw

A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services...

CVE-2024-1683

CVE-2024-1683 describes a DLL injection vulnerability in Tenable Identity Exposure Secure Relay where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, potentially overriding configuration and starting new Secure Relay services. The CVSS ...

CVE-2023-40652

In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed...

Ubuntu: Security Advisory (USN-6192-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kardianos service 代码问题漏洞

kardianos service is a tool for running go programs as services. A code issue vulnerability exists in kardianos service, which stems from servicewindows.go omitting references that are sometimes required to execute the Windows service executable from the expected directory...

PT-2022-19706 · Unknown · Kardianos Service Package

Name of the Vulnerable Software and Affected Versions: kardianos service package for Go affected versions not specified Description: The issue is related to the service windows.go file in the kardianos service package for Go, which omits quoting that is sometimes needed for the execution of a...

UBUNTU-CVE-2020-24994

Stack overflow in the parsetag function in libass/assparse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file...

Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure Exploit

Exploit Title: Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure Exploit Author: Nitesh Surana Vendor Homepage: https://www.gxgroup.eu/ont-products/ Version: P4410-V2-1.34H Tested on: Windows/Kali CVE : CVE-2020-25988 import upnpy upnp = upnpy.UPnP Discover UPnP devices on the network...

BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path

Exploit Title: BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path Discovery Date: 2020-07-31 Response from BarcodeOCR Support: 08/03/2020 Exploit Author: Daniel Bertoni Vendor Homepage: https://www.barcode-ocr.com/ Version: 19.3.6 Tested on: Windows Server 2016, Windows 10 Find the Unquoted...