620 matches found

CVE
added 2025/03/19 12:00 a.m. | 49 views

CVE-2025-30234

SmartOS (as used in Triton Data Center and related products) is affected by CVE-2025-30234 due to static host SSH keys embedded in the 60f76fd2-143f-4f57-819b-1ae32684e81b image (a Debian 12 LX zone image from 2024-07-26). The issue is tied to the presence of static host keys in the image, with C...

CVSS 8.3 | AI score 7 | EPSS 0.00247
Exploits 0 | References 3
The Hacker News
added 2025/03/06 9:57 a.m. | 47 views

Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access

Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. "Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed," c/side researcher Himanshu Anand said in ...

CVSS 9.8 | AI score 10 | EPSS 0.99994
Exploits 26
RedhatCVE
added 2025/02/05 5:22 a.m. | 7 views

CVE-2024-1728

gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in t...

CVSS 7.5 | AI score 7.7 | EPSS 0.85393
Exploits 2 | References 1
Github Security Blog
added 2024/12/23 8:38 p.m. | 19 views

Gogs allows argument Injection when tagging new releases

Impact: Unprivileged user accounts with at least one SSH key can read arbitrary files on the system. For instance, they could leak the configuration files that could contain database credentials database and security SECRET_KEY. Attackers could also exfiltrate TLS certificates, other users'...

CVSS 7.7 | AI score 6.8 | EPSS 0.00689
Exploits 1 | References 6 | Affected Software 1
OSV
added 2024/12/23 8:38 p.m. | 12 views

GHSA-M27M-H5GJ-WWMG Gogs allows argument Injection when tagging new releases

Impact: Unprivileged user accounts with at least one SSH key can read arbitrary files on the system. For instance, they could leak the configuration files that could contain database credentials database and security SECRET_KEY. Attackers could also exfiltrate TLS certificates, other users'...

CVSS 7.7 | AI score 7.5 | EPSS 0.00689
Exploits 1 | References 6
GithubExploit
added 2024/12/14 2:06 p.m. | 433 views

Exploit for Path Traversal in Grafana

Automated Exploit Tool for Grafana CVE-2021-43798 ...

CVSS 7.5 | AI score 7.8 | EPSS 0.88849
Exploits 44
OSV
added 2024/12/08 11:15 p.m. | 8 views

CVE-2024-55560

MailCleaner before 28d913e has default values of ssh_host_dsa_key, ssh_host_rsa_key, and ssh_host_ed25519_key that persist after installation...

CVSS 9.8 | AI score 6.9
Exploits 0 | References 3
Vulnrichment
added 2024/12/08 12:00 a.m. | 15 views

CVE-2024-55560

MailCleaner before 28d913e has default values of ssh_host_dsa_key, ssh_host_rsa_key, and ssh_host_ed25519_key that persist after installation...

AI score 7 | EPSS 0.00562
Exploits 0 | References 3
CVE
added 2024/12/08 12:00 a.m. | 51 views

CVE-2024-55560

CVE-2024-55560 affects MailCleaner versions before 28d913e, where the default SSH host keys (ssh_host_dsa_key, ssh_host_rsa_key, ssh_host_ed25519_key) persist after installation. The underlying issue is the continued presence of these default keys, which can enable unauthorized access to the devi...

CVSS 9.8 | AI score 6.7 | EPSS 0.00562
Exploits 0 | References 3
Cvelist
added 2024/12/08 12:00 a.m. | 16 views

CVE-2024-55560

MailCleaner before 28d913e has default values of ssh_host_dsa_key, ssh_host_rsa_key, and ssh_host_ed25519_key that persist after installation...

EPSS 0.00562
Exploits 0 | References 3
The Hacker News
added 2024/11/28 10:48 a.m. | 7 views

XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner

Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later adding malicious code to steal sensitive data and mine cryptocurrency on infected systems. The package,...

AI score 7.3
Exploits 0
Huntr
added 2024/11/11 6:04 a.m. | 6 views

Path traversal, lead to arbitrary file write, lead to remote code execution

Description: AnythingLLM uses the multer library to handle HTTP multipart file upload. AnythingLLM uses the following code to handle non-ASCII file names: file.originalname = Buffer.from(file.originalname, "latin1").toString("utf8"); This way of manipulating the filename will lead to path traversal. multer...

CVSS 7.2 | AI score 7.6 | EPSS 0.19777
Exploits 1
HackRead
added 2024/11/04 3:42 p.m. | 8 views

Hackers Claim Access to Nokia Internal Data, Selling for $20,000

Hackers claim to have breached Nokia through a third-party contractor, allegedly stealing SSH keys, source code, and internal...

AI score 7.3
Exploits 0
The Hacker News
added 2024/10/30 11:00 a.m. | 21 views

Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code

Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain assets from victims' crypto wallets. The package, named "CryptoAITools," is said to have been distributed...

AI score 6.6
Exploits 0
Tenable Nessus
added 2024/10/29 12:00 a.m. | 3 views

SSH Authorized Keys File Detected

An SSH Authorized Keys file has been detected on the target web application. These files may contain sensitive information which could assist an attacker in conducting further attacks. No source data...

AI score 7
Exploits 0 | References 1
NVD
added 2024/10/17 7:15 p.m. | 21 views

CVE-2024-10100

A path traversal vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as...

CVSS 7.5 | EPSS 0.00612
Exploits 1 | References 1
NVD
added 2024/10/16 2:15 p.m. | 12 views

CVE-2023-32189

Insecure handling of SSH keys used to bootstrap clients allows local attackers to potentially gain access to the keys...

CVSS 6.4 | EPSS 0.00147
Exploits 0 | References 1
CVE
added 2024/10/16 1:48 p.m. | 76 views

CVE-2023-32189

CVE-2023-32189 affects SUSE Manager (bootstrapping new clients) through insecure handling of SSH keys, enabling local attackers to access the keys. The issue is tied to SUSE Manager Server deployments; exploitation details are not described in the provided docs. Remediation is indicated by the SU...

CVSS 6.4 | AI score 6 | EPSS 0.00147
Exploits 0 | References 1
Metasploit
added 2024/10/03 6:54 p.m. | 317 views

Acronis Cyber Infrastructure default password remote code execution

Acronis Cyber Infrastructure (ACI) is an IT infrastructure solution that provides storage, compute, and network resources. Businesses and Service Providers are using it for data storage, backup storage, creating and managing virtual machines and software-defined networks, running cloud-native...

CVSS 9.8 | AI score 9.8 | EPSS 0.53535
Exploits 3
Rockylinux
added 2024/09/30 2:30 p.m. | 6 views

cloud-init bug fix and enhancement update

An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The cloud-init packages provide a set of init scripts for cloud instances...

AI score 7.2
Exploits 0