1258 matches found
FTP Fetch, Reverse TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from an FTP server. Connect back to the attacker with UUID Support Windows x64 Module Options msf use payload/cmd/windows/ftp/x64/peinject/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf...
OpenVPN 2.6.0 < 2.6.21 / 2.7.x < 2.7.5 Multiple Vulnerabilities
According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is affected by multiple vulnerabilities: - A use-after-free bug in ackwritebuf, triggerable by a well-timed sequence of control channel and authentication packets. CVE-2026-12996 - A...
RARLAB WinRAR < 7.23 Heap-Based Buffer Overflow (CVE-2026-14191)
The version of RARLAB WinRAR installed on the remote Windows host is prior to 7.23. It is, therefore, affected by a heap-based buffer overflow vulnerability: - An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser. The RecItems vector is sized only when the first .rev file in...
Microsoft Edge (Chromium) < 150.0.4078.48 (CVE-2026-57991)
The version of Microsoft Edge installed on the remote Windows host is prior to 150.0.4078.48. It is, therefore, affected by a vulnerability as referenced in the July 2, 2026 advisory. - Improper link resolution before file access 'link following' in Microsoft Edge Chromium-based allows an...
Mozilla Thunderbird < 140.12.1
The version of Thunderbird installed on the remote Windows host is prior to 140.12.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-64 advisory. - An attacker who can send HTML chat messages via Matrix or XMPP can inject arbitrary styled content, phishing...
CVE-2026-53632
CVE-2026-53632 affects the npm package launch-editor . Before version 2.14.1, it can open arbitrary paths including Windows UNC paths; when a UNC path is opened Windows triggers NTLM authentication to the remote host, causing the user’s NTLMv2 password hash to be leaked to an attacker-controlled ...
Microsoft Edge (Chromium) < 149.0.4022.80 (CVE-2026-32208)
The version of Microsoft Edge installed on the remote Windows host is prior to 149.0.4022.80. It is, therefore, affected by a vulnerability as referenced in the June 18, 2026 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported...
Mozilla Thunderbird < 140.12
The version of Thunderbird installed on the remote Windows host is prior to 140.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-61 advisory. - Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox E...
Mozilla Firefox ESR < 115.37
The version of Firefox ESR installed on the remote Windows host is prior to 115.37. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-59 advisory. - Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and...
7-Zip >= 9.11 < 26.01 UDF OOB Read (GHSL-2026-115_GHSL-2026-122)
The version of 7-Zip installed on the remote Windows host is = 9.11 and prior to 26.01. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read exists in 7-Zip's UDF field handling, which can lead to a crash when processing a crafted UDF image. CVE-2026-48102 - A path...
Malicious code in @atlisp/mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5f4a9667f0a13220de9b838fde4fc16bd5aaa7f79d91f1122725e4799582515 The package's MCP server auto-injects a LISP bootstrap into every CAD command sent through cadSend/cadSendWithResult, plus connectcad's initAtlisp an...
Mozilla Firefox ESR < 140.11
The version of Firefox ESR installed on the remote Windows host is prior to 140.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-48 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR...
Microsoft Edge (Chromium) < 148.0.3967.55 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 148.0.3967.55. It is, therefore, affected by multiple vulnerabilities as referenced in the May 11, 2026 advisory. - Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148.0.7778.96...
Mozilla Firefox < 150.0.2
The version of Firefox installed on the remote Windows host is prior to 150.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-40 advisory. - Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presum...
Mozilla Firefox ESR < 140.10.2
The version of Firefox ESR installed on the remote Windows host is prior to 140.10.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-41 advisory. - Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bug...
Google Chrome < 148.0.7778.96 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 148.0.7778.96. It is, therefore, affected by multiple vulnerabilities as referenced in the 202605stable-channel-update-for-desktop advisory. - Use after free in WebRTC. CVE-2026-7928, CVE-2026-7987, CVE-2026-8016 -...
CVE-2026-25266
CVE-2026-25266 describes memory corruption in the IOCTL handling path when the device is in power-save state. The entry notes a local issue with low attack complexity and low privileges required, no user interaction, and a high impact on confidentiality, integrity, and availability per CVSS 3.1 (...
CVE-2026-25266 Exposed dangerous function in windows host
Memory corruption while processing IOCTL command when device is in power-save state...
CVE-2026-25266 Exposed dangerous function in windows host
Memory corruption while processing IOCTL command when device is in power-save state...
Wireshark 3.0.x < 3.0.10 A Vulnerability
The version of Wireshark installed on the remote Windows host is prior to 3.0.10. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.0.10 advisory. - In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed ...