37 matches found
Exploit for CVE-2025-39247
CVE-2025-39247 - Target: HikCentral Professional HCMP, c...
EUVD-2020-16431
Malware in sbrugna...
EUVD-2018-5990
Malware in sbrugna...
CVE-2024-29963 Brocade SANnav contains hardcoded TLS keys used by Docker
Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries...
CVE-2024-29961
Brocade SANnav prior to v2.3.1 and v2.3.0a contains a vulnerability where the SANnav service periodically pings gridgain.com to check for updates. This unauthenticated, remote behavior could enable a supply-chain attack against affected SANnav appliances. Remediation: upgrade to SANnav 2.3.1 or l...
Yahoo! JAPAN security vulnerability
Yahoo! JAPAN is a portal website of Yahoo! A security vulnerability exists in Yahoo! JAPAN versions v2.3.1 through v3.161.1, which originates from an arbitrary script that can be executed via the WebView of an application installed on a user's device...
CVE-2022-45725
CVE-2022-45725 affects Comfast CF-WR6110N router (firmware version 2.3.1). The issue is improper input validation that could allow a remote, adjacent-network attacker to execute arbitrary code via HTTP POST requests. Exploitation details (payloads, specific endpoints, affected firmware variants b...
CVE-2022-43183
XXL-Job before v2.3.1 contains a Server-Side Request Forgery (SSRF) via the component /admin/controller/JobLogController.java...
Server side request forgery (ssrf)
XXL-Job before v2.3.1 contains a Server-Side Request Forgery (SSRF) via the component /admin/controller/JobLogController.java...
CVE-2022-43183
XXL-JOB prior to v2.3.1 is affected by a Server-Side Request Forgery (SSRF) in the component /admin/controller/JobLogController.java. The issue stems from the code path handling JobLog operations, enabling SSRF according to multiple connected sources. The public CVE entry CVE-2022-43183 consolid...
Sql injection
jizhicms v2.3.1 has SQL injection in the background...
Design/Logic Flaw
An issue was discovered in jizhicms v2.3.1. There is a CSRF vulnerability that can add an admin...
CVE-2022-36578
jizhicms v2.3.1 has SQL injection in the background...
CVE-2022-36578
CVE-2022-36578 affects jizhicms v2.3.1 with a SQL injection in the background. The NVD entry shows a cryptographic-agnostic, network-exposed vulnerability with high impact across confidentiality, integrity, and availability (CVSS 9.8; PR: none; UI: none). The Red Hat/PRION/CVE records confirm the...
CVE-2022-36577
An issue was discovered in jizhicms v2.3.1. There is a CSRF vulnerability that can add an admin...
NVIDIA Data Center GPU Manager Remote Memory Corruption
!/usr/bin/python3 -- coding: UTF-8 -- heart.py NVIDIA Data Center GPU Manager Remote Memory Corruption Vulnerability Jeremy Brown jbrown3264/gmail NVIDIA DCGM runs on machines with NVIDIA GPUs to gather telemetry and GPU health data. nv-hostengine is a daemon that by default listens on the loopba...
Kubernetes: Tokenless GUI Authentication
Report Submission Form Summary: A person has the ability to bypass the login screen using the 401 error code produced from a failed token login. The user is given the privileges of a system:anonymous user. Kubernetes Version: kubectl, kubeadm, kubelet 1.22.2 Ubuntu 20.04.3 - 64bit Component...
CVE-2020-23691
YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php...
Cross site scripting
In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page...
CVE-2020-23691
YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php...