MAL-2025-191807 Malicious code in package-346234294 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c9741d027897445cdd34a40de0f592a42641170b88a9cbab6cee3dbaaeeedb39 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

CVE-2025-50124

A CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation when the server is accessed by a privileged account via a console and through exploitation of a setup script...

Malicious code in seclab-research-depconf-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 71ecf56c682dd44134d9a4d17fb2ae3d20091681372f89902c84d5dc2533c03d Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

CVE-2025-50124

A CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation when the server is accessed by a privileged account via a console and through exploitation of a setup script...

CVE-2025-50124

CVE-2025-50124 affects Schneider Electric EcoStruxure IT Data Center Expert (DCE) prior to version 9.0 (8.3 and earlier). The vulnerability stems from a Charon executable/configuration that can be abused by a low-privileged attacker to gain root privileges, enabling privilege escalation via local...

CVE-2025-50124

A CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation when the server is accessed by a privileged account via a console and through exploitation of a setup script...

scsi: st: Fix array overflow in st_setup()

...

PT-2025-29225 · Apache · Apache Server

Name of the Vulnerable Software and Affected Versions: Apache Server affected versions not specified Description: An Improper Privilege Management issue exists that could allow privilege escalation when the server is accessed by a privileged account via a console and through exploitation of a set...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20832)

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a buffer overflow vulnerability that originates from the incorrect operation of the parameter pppUserName in the file /goform/formPPPoESetup, no details of the vulnerability are provided at this time...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20831)

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect manipulation of the parameter L2TPUserName in the file /goform/formL2TPSetup, for which no detailed vulnerability details are provided at this tim...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20837)

The Belkin F9K1122 is a WiFi signal extender from Belkin Canada. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect operation of the parameter wpsenroleepin/webpage in the file /goform/formWlanSetupWPS, no details of the vulnerability are...

Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c

A use-after-free flaw was found in nfsd4sscsetupdul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem...

CVE-2025-3780

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wcfmredirecttosetup function in all versions up to, and including, 6.7.16. This makes i...

The vulnerabilities in the components hclge_main.c and hclgevf_main.c of the Linux operating system’s kernel allow attackers to cause system failures.

The vulnerability of the hclgemain.c and hclgevfmain.c components of the Linux operating system’s kernel is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2025-7092 Belkin F9K1122 webs formWlanSetupWPS stack-based overflow

A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. This vulnerability affects the function formWlanSetupWPS of the file /goform/formWlanSetupWPS of the component webs. The manipulation of the argument wpsenroleepin/webpage leads to stack-based buffer overflow. Th...

CVE-2025-7088

A vulnerability, which was classified as critical, was found in Belkin F9K1122 1.00.33. This affects the function formPPPoESetup of the file /goform/formPPPoESetup of the component webs. The manipulation of the argument pppUserName leads to stack-based buffer overflow. It is possible to initiate...

CVE-2025-7087

A vulnerability classified as critical was found in Belkin F9K1122 1.00.33. Affected by this vulnerability is the function formL2TPSetup of the file /goform/formL2TPSetup of the component webs. The manipulation of the argument L2TPUserName leads to stack-based buffer overflow. The attack can be...

CVE-2025-38216

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Restore context entry setup order for aliased devices Commit 2031c469f816 "iommu/vt-d: Add support for static identity domain" changed the context entry setup during domain attachment from a set-and-check policy to a...

Shr3dKit

This is a Red Team Tool Kit repository, specifically designed for penetration testing and red teaming activities. The tool kit is influenced by infosecn1nja's kit and includes a wide range of tools for reconnaissance, weaponization, and delivery. The repository contains a total size of 2.5+Gb and...

Belkin F9K1122 安全漏洞

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that stems from the parameter pptpUserName in the file /goform/formPPTPSetup failing to correctly validate the length size of the input data, no detailed vulnerability details are...