Publicly Disclosed
PoC Exploits

A significant vulnerability has been identified in Math.js, a popular library for mathematics in JavaScript and Node.js. From versions 13.1.1 to earlier than 15.2.0, this vulnerability enables attackers to execute arbitrary JavaScript through the library's expression parser. Applications utilizin...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks' GlobalProtect gateway and portal features allows attackers to execute malicious JavaScript in the authenticated browser session of Captive Portal users. When users click on specifically crafted links, they may unknowingly...

A significant logic error in the adbd_tls_verify_cert function of auth.cpp in various Android versions permits a bypass of the wireless ADB mutual authentication process. This flaw can lead to unauthorized remote code execution by exploiting the vulnerability as the shell user without requiring a...

Nginx UI, a web interface for the Nginx web server, has a critical security flaw where the /api/backup endpoint is accessible without authentication. This vulnerability allows unauthenticated attackers to retrieve a complete system backup that includes sensitive information such as user credentia...

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

A buffer overflow vulnerability exists within the User-ID™ Authentication Portal of Palo Alto Networks PAN-OS software. This flaw allows unauthenticated attackers to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls by manipulating specially crafted packets. To miti...

A double free vulnerability has been identified in Apache HTTP Server that may lead to remote code execution, particularly concerning the HTTP/2 protocol. This issue affects version 2.4.66, and it is crucial for users to upgrade to version 2.4.67 to mitigate any potential security risks associate...

A significant logic error in the adbd_tls_verify_cert function of auth.cpp in various Android versions permits a bypass of the wireless ADB mutual authentication process. This flaw can lead to unauthorized remote code execution by exploiting the vulnerability as the shell user without requiring a...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A double free vulnerability has been identified in Apache HTTP Server that may lead to remote code execution, particularly concerning the HTTP/2 protocol. This issue affects version 2.4.66, and it is crucial for users to upgrade to version 2.4.67 to mitigate any potential security risks associate...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability in the PicoTronica e-Clinic Healthcare System ECHS 5.7 has been identified, specifically affecting an undisclosed function of the file /cdemos/echs/api/v2/ within the Response Header Handler component. This flaw allows attackers to exploit the system remotely, leading to unauthori...

An issue has been identified in the JSON_SCHEMA_VALID() function of MariaDB Server, which is derived from MySQL. This vulnerability allows authenticated users to crash versions 11.4 prior to 11.4.10 and 11.8 prior to 11.8.6 of MariaDB server. While under specific conditions, it could lead to remo...

The CodeAstro Membership Management System version 1.0 is prone to an SQL Injection vulnerability via the ID parameter in print_membership_card.php. This flaw allows attackers to manipulate database queries by injecting arbitrary SQL code, potentially leading to unauthorized data access and manip...

A significant security flaw has been identified in the PicoTronica e-Clinic Healthcare System ECHS version 5.7, specifically linked to the /cdemos/echs/priv/echs.js file. This vulnerability allows an attacker to manipulate the ADMIN_KEY argument, leading to the exposure of hard-coded credentials....

The Ancillary Function Driver (AFD) in various versions of Microsoft Windows does not execute proper validation of user-mode input. This flaw enables local users to escalate their privileges via specially crafted applications, potentially leading to unauthorized access to system resources. Affect...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability exists in the PicoTronica e-Clinic Healthcare System ECHS 5.7 due to a flaw in the API Endpoint's patient records functionality. This security issue allows for missing authentication, which can be exploited remotely by an attacker. The vulnerability allows unauthorized access to s...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

The Apache JServ Protocol (AJP) Connector in Apache Tomcat allowed for misconfigured connections that could be exploited by attackers. By default, the AJP Connector is enabled, listening on all configured IP addresses. This elevated trust can lead to unauthorized access and manipulation of files ...

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

A vulnerability exists in FlowiseAI Flowise versions up to 3.0.12 that impacts the 'verify' function located in the account.service.ts file within the Endpoint component. This flaw enables attackers to manipulate requests, potentially leading to unauthorized access to sensitive information. The c...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A double free vulnerability has been identified in Apache HTTP Server that may lead to remote code execution, particularly concerning the HTTP/2 protocol. This issue affects version 2.4.66, and it is crucial for users to upgrade to version 2.4.67 to mitigate any potential security risks associate...

A vulnerability in the Vite frontend tooling framework allows unauthorized access to arbitrary files on the server. If an attacker connects to the Vite development server's WebSocket without an Origin header, they can exploit the custom WebSocket event 'vite:invoke' to retrieve file contents as J...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

The pac4j-jwt library's JwtAuthenticator prior to versions 4.5.9, 5.7.9, and 6.3.3 is susceptible to an authentication bypass that could allow remote adversaries to create forged authentication tokens. By leveraging the server's RSA public key, attackers are able to craft a JWE-wrapped PlainJWT w...

A significant logic error in the adbd_tls_verify_cert function of auth.cpp in various Android versions permits a bypass of the wireless ADB mutual authentication process. This flaw can lead to unauthorized remote code execution by exploiting the vulnerability as the shell user without requiring a...

A vulnerability has been identified in Windows Hyper-V, specifically related to the NT Kernel Integration Virtual Service Provider (VSP). This flaw allows an attacker to gain elevated privileges through carefully crafted input, potentially leading to unauthorized access and control over the host ...

A vulnerability in Windows SMB Server allows authorized attackers to exploit improper authentication mechanisms, enabling them to elevate their privileges locally. This weakness can be leveraged to gain unauthorized access and control over sensitive resources within the affected system, presentin...

The Ollama application is susceptible to a heap out-of-bounds read vulnerability within its GGUF model loader. This issue arises when the /api/create endpoint processes an attacker-defined GGUF file where the tensor offset and size exceed the file’s actual length. During quantization, the server ...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

In certain versions of Spring Cloud Function, an attacker can exploit the routing functionality through a specially crafted Spring Expression Language (SpEL) as a routing-expression. This misconfiguration may allow unauthorized access to local resources and the execution of arbitrary code, posing...

An authorization bypass vulnerability exists in Dify prior to version 1.14.0, enabling authenticated users to read files uploaded by other users within the same tenant. By supplying arbitrary file UUIDs in a chat-messages request, attackers can exploit inadequate permission checks in the chat-mes...

A double free vulnerability has been identified in Apache HTTP Server that may lead to remote code execution, particularly concerning the HTTP/2 protocol. This issue affects version 2.4.66, and it is crucial for users to upgrade to version 2.4.67 to mitigate any potential security risks associate...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

The D-Link DI-8100 router contains a vulnerability in the sprintf function located within the /user_group.asp file of the CGI Handler component. This vulnerability allows an attacker to execute a buffer overflow, potentially leading to unauthorized actions on the device. The attack can be initiat...

A flaw in D-Link DI-8100 version 16.07.26A1 has been identified within the web management interface at /url_member.asp. A vulnerability exists that allows remote attackers to manipulate the 'Name' argument, resulting in a buffer overflow. This may enable unauthorized access and exploitation, maki...

A double free vulnerability has been identified in Apache HTTP Server that may lead to remote code execution, particularly concerning the HTTP/2 protocol. This issue affects version 2.4.66, and it is crucial for users to upgrade to version 2.4.67 to mitigate any potential security risks associate...

A buffer overflow vulnerability exists in the D-Link DI-8100, particularly within the tggl_asp function of the /tggl.asp file in the HTTP Request Handler. Attackers can manipulate the argument 'Name' to trigger this overflow, potentially leading to remote exploitation. The exploit has been made p...

A buffer overflow vulnerability has been identified in the D-Link DI-8100 router, specifically within the url_rule_asp function located in the /url_rule.asp file of the POST Parameter Handler. This vulnerability allows attackers to manipulate input parameters that could potentially lead to unauth...

A vulnerability exists in the D-Link DI-8100 router's HTTP handler, specifically in the 'sprintf' function within the '/auto_reboot.asp' file. The flaw arises from improper handling of input parameters, which can lead to a buffer overflow condition. An attacker can exploit this vulnerability remo...

A stack-based buffer overflow vulnerability has been identified in the D-Link DI-8100 router, specifically in the sprintf function within the yyxz.asp file. This vulnerability arises from improper handling of the ID argument, allowing an attacker to execute arbitrary code remotely. Exploits for t...

A vulnerability exists in the Uploaded File Handler of Langchain-Chatchat, impacting versions up to 0.3.1.3. Specifically, the issue lies within the _get_file_id function in the openai_routes.py file, where manipulation can lead to the use of insufficiently random values. This flaw necessitates a...