CVE-2025-67125

A signed integer overflow in docopt.cpp v0.6.2 LeafPattern::match in docoptprivate.h when merging occurrence counters e.g., default LONGMAX + first user "-v/--verbose" can cause counter wrap negative/unbounded semantics and lead to logic/policy bypass in applications that rely on occurrence-based...

CVE-2025-67125

CVE-2025-67125: A signed integer overflow in docopt.cpp v0.6.2 (LeafPattern::match in docopt_private.h) occurs when merging occurrence counters (e.g., LONG_MAX + user-supplied -v/--verbose). This can cause counter wrap with negative/unbounded semantics, enabling logic/policy bypass in apps relyin...

CVE-2025-25724

listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custo...

ICMPExfil - Exfiltrate data with ICMP

ICMP Exfil allows you to transmit data via valid ICMP packets. You use the client script to pass in data you wish to exfiltrate, then on the device you're transmitting to you run the server. Anyone watching-- human or security system-- will just see valid ICMP packets, there's nothing malicious...

samba: information disclosure in suid mount.cifs

mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the...

Microsoft Windows - WINS Vulnerability + OS/SP Scanner

/ HAT-SQUAD WINS VULNERABILITY/OS SCANNER ------------------------------------ ------------------------------------ Note: ---------------- By default, nothing printed on screen, 200 threads, all results in the file HSWINS.txt -v..: lite verbose, will print the 'NOTPATCHED' results on the screen...