PT-2025-31354

Name of the Vulnerable Software and Affected Versions: cryptexctl affected versions not specified Description: A permissions issue was addressed with additional restrictions. The issue involves a scenario where sudo attempts to load an unsigned dynamic library dylib from the current directory. Th...

SUSE SLES15 Security Update : kernel (Live Patch 27 for SLE 15 SP4) (SUSE-SU-2025:02455-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02455-1 advisory. This update for the Linux Kernel 5.14.21-15040024122 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD:...

truevalue.ischool.syr.edu Cross Site Scripting vulnerability OBB-3882980

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2023-3875

Name of the Vulnerable Software and Affected Versions MikroTik RouterOS versions prior to 6.49.7 MikroTik RouterOS long-term versions prior to 6.48.7 Description The issue is related to a privilege escalation problem in the Winbox and HTTP interfaces of MikroTik RouterOS. A remote and authenticat...

CVE-2023-0045

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next...

AlmaLinux 9 : qemu-kvm (ALSA-2022:5263)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5263 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

Linux Kernel IP Vulnerability 2

On the week of July 15th, researcher Juha-Matti Tilli disclosed a vulnerability in the Linux kernel to the kernel maintainers, the National Cyber Security Center - Finland NCSC-FI, CERT Coordination Center CERT/CC, and Akamai. The vulnerability, CVE-2018-5391, is a resource exhaustion attack...

Chatting System PHP Ajax MySQL JavaScript 1.0 Shell Upload

Exploit Title: Chatting System PHP Ajax MySQL JavaScript - Remote Shell Upload Google Dork: N/A Date: 2017/31/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/IngeniousDeveloper Software Buy:...

Tripbuddy Travel, Locations, And Events 1.0 Cross Site Scripting

Exploit Title: Tripbuddy - Travel, Locations and Events Web App - xss Google Dork: N/A Date: 2017/28/12 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://tripbuddy-app.com/ Software Buy:...

Sony Playstation 4 (PS4) 4.05 - 'Jailbreak' WebKit / 'NamedObj ' Kernel Loader

PS4 4.05 Kernel Exploit --- Summary In this project you will find a full implementation of the "namedobj" kernel exploit for the PlayStation 4 on 4.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This release however, does...

Symantec Web Gateway Management Console Interface Command Injection

SUMMARY Symantec has released an update to address a Symantec Web Gateway SWG Management Console Interface command injection issue bypassing validation restrictions to add an unauthorized whitelist entry. AFFECTED PRODUCTS Symantec Web Gateway SWG --- CVE | Affected Versions | Remediation...

CA20141001-01: Security Notice for Bash Shellshock Vulnerability

CA20141001-01: Security Notice for Bash Shellshock Vulnerability Issued: October 01, 2014 Updated: October 03, 2014 CA Technologies is investigating multiple GNU Bash vulnerabilities, referred to as the "Shellshock" vulnerabilities, which were publicly disclosed on September 24-27, 2014. CVE...

AIX 610003 : U828452

The remote host is missing AIX PTF U828452 which is related to the security of the package devices.iscsi.disk.rte You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

AIX 530008 : U819193

The remote host is missing AIX PTF U819193 which is related to the security of the package bos.rte.console You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

AIX 610000 : U815169

The remote host is missing AIX PTF U815169 which is related to the security of the package bos.rte.control You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

Microsoft GDI+ Library JPEG Segment Length Integer Underflow Vulnerability

Description Microsoft Graphics Device Interface GDI+ JPEG handler is reported prone to an integer underflow vulnerability when handling JPEG format images. This issue presents itself due to a lack of sufficient sanity checks performed on certain JPEG data before this data employed as a bounds val...

MS03-050: Word and/or Excel may allow arbitrary code to run (831527)

The remote host is running a version of Microsoft Word and/or Microsoft Excel that are subject to a flaw that could allow arbitrary code to be run. An attacker could use this to execute arbitrary code on this host. To succeed, the attacker would have to send a rogue Word or Excel file to the owne...

multiple vendor telnet daemon vulnerability

This is a short version of the original advisory. Most details about exploiting this vulnerabilty have been removed after thinking about it. I do not release it because it makes me happy, and I would like you to please not assume things about the reasons involving this posting. I wish things woul...

CVE-2024-26014

...