18 matches found

CNNVD
added 2026/04/08 12:0 a.m. | 5 views

Google Go security vulnerability

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the crypto/tls component. Sending multiple key update messages after a handshake in ...

CVSS 7.5 | AI score 7.3 | EPSS 0.00019
Exploits: 0 | References: 4

CNNVD
added 2026/01/13 12:0 a.m. | 1 views

Cal.com security vulnerability

Cal.com is an open source scheduling software from Cal.com Open Source. A security vulnerability exists in Cal.com versions 3.1.6 through prior to 6.0.7, which stems from a flaw in the custom NextAuth JWT callback that could allow an attacker to gain full authentication access to any user account...

CVSS 10 | AI score 6 | EPSS 0.0014
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2021-26509

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.04706
Exploits: 1 | References: 3

Vulnrichment
added 2025/07/11 3:6 p.m. | 4 views

CVE-2025-52964 Junos OS and Junos OS Evolved: Receipt of a specific BGP UPDATE causes an rpd crash on devices with BGP multipath configured

A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When the device receives a specific BGP UPDATE packet, the rpd crashes and restarts...

CVSS 7.1 | AI score 6.4 | EPSS 0.00057
Exploits: 0 | References: 1

OpenVAS
added 2025/07/02 12:0 a.m. | 5 views

Google Chrome Security Update (stable-channel-update-for-desktop_30-2025-06) - Mac OS X

Google Chrome is prone to a type confusion vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

CVSS 8.1 | AI score 9.5 | EPSS 0.0158
Exploits: 4 | References: 3

RedhatCVE
added 2025/05/23 4:56 a.m. | 7 views

CVE-2023-6946

The Autotitle for WordPress plugin through 1.0.3 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...

CVSS 8.8 | AI score 6.8 | EPSS 0.00133
Exploits: 2

OSV
added 2025/03/12 4:15 p.m. | 2 views

CVE-2025-20115

A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to a memory corruption that occurs when a BGP update is created with a...

CVSS 8.6 | AI score 5.8 | EPSS 0.01371
Exploits: 0 | References: 2

WPVulnDB
added 2024/04/19 12:0 a.m. | 14 views

reCAPTCHA Jetpack <= 0.2.2 - Stored XSS via CSRF

Description: The plugin does not have a CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack. PoC: This requires Jetpack to be installed and to have a page/post with a Jetpack Contact...

AI score 5.5 | EPSS 0.00078
Exploits: 2

CNNVD
added 2023/02/07 12:0 a.m. | 2 views

Rancher security features issue vulnerability

Rancher Labs Rancher is a suite of open source, enterprise-grade container management platforms from Rancher Labs, Inc. in the United States. A security signature issue vulnerability exists in SUSE Rancher that stems from the presence of an entropy insufficiency vulnerability that allows an...

CVSS 9.8 | AI score 8.3 | EPSS 0.00335
Exploits: 0 | References: 2

OSV
added 2022/12/30 7:15 a.m. | 0 views

CVE-2022-48194

TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate...

CVSS 8.8 | AI score 6.1 | EPSS 0.55548
Exploits: 5 | References: 2

RedHat Linux
added 2020/06/24 12:43 p.m. | 1 views

openstack-keystone: Credentials endpoint policy logic allows changing credential owner and target project ID

A vulnerability was found in Keystone's EC2 credentials API. This flaw allows any authenticated user to create an EC2 credential for themselves for a project that they have a specified role, and then perform an update to the credential user and project, allowing them to masquerade as another user...

CVSS 8.8 | AI score 7.1 | EPSS 0.03566
Exploits: 0 | References: 5

Kitploit
added 2019/01/11 12:4 p.m. | 211 views

WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack

The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor,...

AI score 7.3
Exploits: 0 | References: 11

n0where
added 2018/12/12 5:20 a.m. | 98 views

Framework for Rogue Wi-Fi Access Point Attack: WiFi-Pumpkin

The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor,...

Exploits: 0 | References: 8

CNVD
added 2017/10/31 12:0 a.m. | 3 views

Quagga Denial of Service Vulnerability (CNVD-2017-35655)

Quagga is a routing software suite developed by American software developer Kunihiro Ishiguro. The suite implements OSPFv2, OSPFv3, RIP v1/v2 and other protocols on multiple platforms and provides route redistribution, route mapping and other features. A security vulnerability exists in the...

CVSS 7.5 | AI score 6.8 | EPSS 0.00773
Exploits: 0 | References: 1

Kitploit
added 2017/05/13 2:12 p.m. | 28 views

WiFi-Pumpkin v0.8.5 - Framework for Rogue Wi-Fi Access Point Attack

WiFi-Pumpkin is a very complete framework for auditing Wi-Fi security. The main feature is the ability to create a fake AP and mount a Man In The Middle attack, but the list of features is quite broad. Installation Python 2.7 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin...

AI score 7.1
Exploits: 0 | References: 9

Kitploit
added 2016/08/29 7:30 p.m. | 104 views

WiFi-Pumpkin v0.8.1 - Framework for Rogue Wi-Fi Access Point Attack

Framework for Rogue Wi-Fi Access Point Attack. Description: WiFi-Pumpkin is an open source security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 3.0.1/2.0.5 Python 2.7 git clone...

AI score 7.2
Exploits: 0 | References: 8

Kitploit
added 2016/05/16 11:30 p.m. | 68 views

WiFi-Pumpkin v0.7.5 - Framework for Rogue Wi-Fi Access Point Attack

WiFi-Pumpkin is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 2.0.5 Python 2.7 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin chmod +x installer.sh ./installer.sh --install refer t...

AI score 7.1
Exploits: 0 | References: 7

n0where
added 2015/09/01 4:18 p.m. | 25 views

Rogue Wi-Fi Access Point: 3vilTwinAttacker

This tool creates a rogue Wi-Fi access point, purporting to provide wireless Internet services, but snooping on the traffic. 3vilTwinAttacker is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks...

AI score 0.4
Exploits: 0 | References: 1