CVE-2025-69443

Remote Code Execution in coleam00 Archon 0.1.0. A crafted HTML page, when accessed by a victim, can execute commands, run prompts on behalf of the user, control the Archon UI features, and steal all Archon information available on the UI including API keys...

CVE-2025-69443

Remote Code Execution in coleam00 Archon 0.1.0. A crafted HTML page, when accessed by a victim, can execute commands, run prompts on behalf of the user, control the Archon UI features, and steal all Archon information available on the UI including API keys...

CVE-2026-27476

RustFly 2.0.0 contains a command injection vulnerability in its remote UI control mechanism that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted hex-encoded payloads containing system commands to execute arbitrary operations on the targe...

CVE-2026-27476

RustFly 2.0.0 is affected by a command-injection vulnerability in its remote UI control that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. The flaw allows an attacker to send crafted hex payloads to execute arbitrary commands on the target, potentially enabling ...

PT-2026-20937

Name of the Vulnerable Software and Affected Versions RustFly version 2.0.0 Description RustFly 2.0.0 contains a command injection issue in its remote UI control mechanism. The software accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted...

EUVD-2019-2536

Malware in sbrugna...

CVE-2019-14761

An issue was discovered in KaiOS 2.5. The pre-installed Note application is vulnerable to HTML and JavaScript injection attacks. A local attacker can inject arbitrary HTML into the Note application. At a bare minimum, this allows an attacker to take control over the Note application's UI e.g.,...

Design/Logic Flaw

An issue was discovered in KaiOS 2.5. The pre-installed Note application is vulnerable to HTML and JavaScript injection attacks. A local attacker can inject arbitrary HTML into the Note application. At a bare minimum, this allows an attacker to take control over the Note application's UI e.g.,...

Design/Logic Flaw

An issue was discovered in KaiOS 2.5 and 2.5.1. The pre-installed Contacts application is vulnerable to HTML and JavaScript injection attacks. An attacker can send a vCard file to the victim that will inject HTML into the Contacts application assuming the victim chooses to import the file. At a...

Design/Logic Flaw

An issue was discovered in KaiOS 2.5. The pre-installed Recorder application is vulnerable to HTML and JavaScript injection attacks. A local attacker can inject arbitrary HTML into the Recorder application. At a bare minimum, this allows an attacker to take control over the Recorder application's...

CVE-2019-14756

An issue was discovered in KaiOS 1.0, 2.5, and 2.5.12.5. The pre-installed Email application is vulnerable to HTML and JavaScript injection attacks. An attacker can send a specially crafted email to the victim that will inject HTML into the email application's UI as soon as the email is opened. A...

Unicorn-Bios - Basic BIOS Emulator For Unicorn Engine

Basic BIOS emulator/debugger for Unicorn Engine. Written to debug the XEOS Operating System boot sequence. Usage: Usage: unicorn-bios OPTIONS BOOTIMG Options: --help / -h: Displays help. --memory / -m: The amount of memory to allocate for the virtual machine in megabytes. Defaults to 64MB, minimu...

Alleged Comodo Hacker Posts Forged Mozilla Cert, Private Key

The unnamed hacker who has taken credit for the attack on Comodo last week that resulted in a number of fraudulent certificates being issued for high-value sites belonging to Google, Yahoo and Microsoft has posted the certificate that he issued himself for a Mozilla domain, as well as the private...