7910 matches found
CVE-2025-66422
Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...
UBUNTU-CVE-2025-66422
Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...
CVE-2025-66422
Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...
CVE-2025-66422
Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back server setup information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...
CLSA-2025-1764325377 gstreamer1-plugins-base: Fix of CVE-2024-47615
CVE-2024-47615: fix OOB-Write in gstparsevorbissetuppacket by validating integer size input to prevent memory corruption...
Malicious code in threading-helper (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 74a87b74245d0639ace987a197363e4396c334434721b81ce7d1c4d7010edb55 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191898 Malicious code in threading-helper (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 74a87b74245d0639ace987a197363e4396c334434721b81ce7d1c4d7010edb55 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in dev-server-python (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 77df2294feff074b86c685e622e69901b80eb16fdbf60eb785a026318d84788e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in gptall (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e68d6c72f5a98f22bc22ef0ad7aef178f253ba95ebac54ba881f95762d4805f4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191742 Malicious code in gptall (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e68d6c72f5a98f22bc22ef0ad7aef178f253ba95ebac54ba881f95762d4805f4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
IGEL OS Privilege Escalation (via systemd service)
Escalate privileges for IGEL OS Workspace Edition sessions, by modifying network-manager.service using setupcmd SUID and network, then restarting the service. Module Options msf use exploit/linux/local/igelnetworkprivesc msf exploitigelnetworkprivesc show targets ...targets... msf...
PT-2025-48189
Name of the Vulnerable Software and Affected Versions TRENDnet TEW-657BRM version 1.00.1 Description The TRENDnet TEW-657BRM device version 1.00.1 contains an authenticated remote OS command injection issue in the setup.cgi binary. An attacker can exploit this by manipulating the HTTP parameters...
📄 IGEL OS Privilege Escalation
This Metasploit module escalates privileges for IGEL OS Workspace Edition sessions by modifying network-manager.service using setupcmd SUID and network and then restarting the service. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2025-65202
TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "nextfile," which allows an attacker to execute arbitrary commands with root privileges...
Exploit for Unrestricted Upload of File with Dangerous Type in Skittles Employee_Records_System
CVE-2021-4462 Test Environment Docker-based test environment...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Malicious code in evil-py-argo-shell (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1739dfc040a7678b086f2ca5bab22249fcea3774fbf83c70a40b6427d6a847ee Package demonstrate potentially malicious execution of system commands, and seems to be used for pentesting purposes --- Category: PROBABLYPENTEST - Packages...
MAL-2025-191722 Malicious code in evil-py-argo-shell (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1739dfc040a7678b086f2ca5bab22249fcea3774fbf83c70a40b6427d6a847ee Package demonstrate potentially malicious execution of system commands, and seems to be used for pentesting purposes --- Category: PROBABLYPENTEST - Packages...
EUVD-2025-198654
Malicious code in react-library-setup npm...
Malicious code in react-library-setup (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd7f28e9ee69ccd4dc343423efa26fbdc798388c2d4abdb85588cc5a532dd2c3 The package react-library-setup was found to contain malicious code. Source: ghsa-malware...