35 matches found
MINI-947F-P9M4-7HXC
Bulletin has no description...
Malicious code in husky-meteor-gemini-sirius (npm)
Source: amazon-inspector fdfc9a8d26d2c0e67cc74c976c7f1e83ecd84e23ff3a4a64f056c4582cd67c98 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-116097 Malicious code in nurul-lupis56-miaww (npm)
Source: amazon-inspector d5fc1c5e424c3edcfb6c57cf2fd14b4a8b5d72897b4cb8dc7fd73090cc3ea504 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Azure Networking Elevation of Privilege Vulnerability
...
CVE-2025-9847 ScriptAndTools Real Estate Management System register.php unrestricted upload
A weakness has been identified in ScriptAndTools Real Estate Management System 1.0. Impacted is an unknown function of the file register.php. This manipulation of the argument uimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to...
Moderate: Red Hat Security Advisory: glib2 security update
An update for glib2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
CVE-2010-0247
creationtimestamp | type | source
---|---|---
2025-08-31 03:01:22+00:00 | seen | MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d
2025-08-31 03:12:55+00:00 | seen | MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57
...
Linux Distros Unpatched Vulnerability : CVE-2019-16396
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name function in cobc/parser.y via crafted COBOL source code. CVE-2019-16396 Note that Nessus relies o...
Hoop
BugBountyScanner Python tool for automated analysis...
WordPress Neresa Theme <= 1.3 is vulnerable to Local File Inclusion
Software: Neresa; Type: Theme; Vulnerable versions: <= 1.3; Fixed in: 1.4; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2025-49383; Patch priority: High; CVSS severity: High 8.1; PSID: fb80e42ea19b; Credits: Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity; Requir...
Linux Distros Unpatched Vulnerability : CVE-2018-19871
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption. CVE-2018-19871 Note that Nessus relies on the presence of the...
Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : GStreamer Base Plugins vulnerabilities (USN-7716-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7716-1 advisory. Shaun Mirani discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these...
USN-7714-1: Open VM Tools vulnerabilities
Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A local attacker could possibly use this issue to hijack /dev/uinput and simulate user inputs. CVE-2023-34059 Dolev Farhi discovered that Open VM Tools incorrectly handled certain file...
MAL-2025-33855 Malicious code in squizer (npm)
The package squizer was found to contain malicious code...
Malicious code in yucca-iceberg-emk089-project (npm)
The package yucca-iceberg-emk089-project was found to contain malicious code...
Exploit for Relative Path Traversal in Articatech Artica_Proxy
LFI to RCE Exploit via Log Poisoning Python3 exploit for CVE...
Jailbreaking Large Language Diffusion Models: Revealing Hidden Safety Flaws in Diffusion-Based Text Generation
Large Language Diffusion Models (LLDMs) exhibit comparable performance to LLMs while offering distinct advantages in inference speed and mathematical reasoning tasks. The precise and rapid generation capabilities of LLDMs amplify concerns of harmful generations, while existing jailbreak methodologie...
Manipulating LLM Web Agents with Indirect Prompt Injection Attack Via HTML Accessibility Tree
This work demonstrates that LLM-based web navigation agents offer powerful automation capabilities but are vulnerable to Indirect Prompt Injection (IPI) attacks. We show that adversaries can embed universal adversarial triggers in webpage HTML to hijack agent behavior that utilizes the accessibilit...
Perfect Privacy for Discriminator-Based Byzantine-Resilient Federated Learning
Federated learning (FL) shows great promise in large-scale machine learning but introduces new privacy and security challenges. We propose ByITFL and LoByITFL, two novel FL schemes that enhance resilience against Byzantine users while keeping the users' data private from eavesdroppers. To ensure...
OS Command Exec, Unix Command Shell, Double Reverse TCP (telnet)
Execute an OS command from PHP. Creates an interactive shell through two inbound connections Module Options msf use payload/php/unix/cmd/reverse msf payloadreverse show actions ...actions... msf payloadreverse set ACTION msf payloadreverse show options ...show and set options... msf payloadrevers...