28 matches found
PT-2026-24145
Name of the Vulnerable Software and Affected Versions: Appsmith versions prior to 1.96. Description: Appsmith is a platform used to build admin panels, internal tools, and dashboards. A critical stored cross-site scripting (XSS) issue exists in the Table Widget (TableWidgetV2) due to insufficient HTML...
PT-2025-45527
Name of the Vulnerable Software and Affected Versions: Open WebUI versions 0.6.34 and below. Description: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. A stored DOM XSS issue exists in the functionality that inserts custom prompts into the chat...
EUVD-2004-1049
Malware in sbrugna...
EUVD-2017-9341
Malware in sbrugna...
EUVD-2008-1089
Malware in sbrugna...
EUVD-1999-1364
Malware in sbrugna...
EUVD-2004-0489
Malware in sbrugna...
EUVD-2007-5470
Malware in sbrugna...
EUVD-2005-2354
Malware in sbrugna...
EUVD-2005-3098
Malware in sbrugna...
EUVD-2002-0355
Malware in sbrugna...
EUVD-2008-4972
Malware in sbrugna...
CVE-2024-53376
CyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the phpSelection field to the websites/submitWebsiteCreation URI...
CVE-2025-29281
In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them...
Exploit for Path Traversal in Ghost
CVE-2023-40028 PoC Exploit Symlink Upload Vulnerability in Gho...
HL Twitter <= 2014.1.18 - Settings Update via CSRF
Description: The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. Have a logged-in admin open an HTML page containing:...
CVE-2022-37923
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...
wildfly: Race condition on PID file allows for termination of arbitrary processes by local users
A flaw was discovered in wildfly that would allow local users, who are able to execute init.d script, to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root...
CVE-2017-14991
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0...
SUSE-SU-2017:0248-1 Security update for Linux Kernel Live Patch 14 for SLE 12
This update for the Linux Kernel 3.12.60-5249 fixes several issues. The following security bugs were fixed: - CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have...