Publicly Disclosed
PoC Exploits

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A security vulnerability has been identified in the alexta69 MeTube application, specifically in the CORS Policy implementation within the app/main.py file. This flaw allows for a permissive cross-domain policy that can unintentionally trust unverified domains, potentially exposing users to remot...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A significant security flaw has been identified in the AstrBot application, specifically within the dashboard component located in astrbot/dashboard/routes/auth.py. This vulnerability arises from hard-coded credentials, which could potentially allow unauthorized access to sensitive functionalitie...

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

A vulnerability has been identified in MacCMS Pro, specifically affecting the Plugin Installation Handler's 'install' function. This weakness allows for unrestricted file uploads via manipulation of the '/admi.php/admin/addon/add.html' file. Attackers can exploit this vulnerability to upload any ...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A SQL injection vulnerability has been identified in the itsourcecode Electronic Judging System 1.0, specifically within the login.php file. This vulnerability allows an attacker to manipulate the 'Username' argument to execute unauthorized SQL commands. The attack can be initiated remotely, maki...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability exists in the D-Link M60 router which affects its password recovery functionality, allowing for potential remote exploitation. This weakness can be exploited through a manipulation of the router's web service, specifically within the /usr/bin/httpd file. Although the complexity of...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A critical SQL injection vulnerability exists in the Gym Management System version 1.0, specifically within the file /admin/edit_exercises.php. By manipulating the edit_exercise parameter, an attacker can execute arbitrary SQL queries, potentially compromising the database and extracting sensitiv...

A SQL injection vulnerability exists in the SourceCodester Pharmacy Sales and Inventory System 1.0, specifically in the '/ajax.php?action=save_customer' endpoint. This vulnerability arises from improper handling of the 'ID' argument, allowing an attacker to manipulate requests and execute arbitra...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability exists in SourceCodester Pharmacy Sales and Inventory System 1.0 that allows attackers to execute SQL commands through manipulated requests to the /ajax.php endpoint, specifically targeting the action=delete_customer function. By altering the ID parameter, an attacker can perform ...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

The pac4j-jwt library's JwtAuthenticator prior to versions 4.5.9, 5.7.9, and 6.3.3 is susceptible to an authentication bypass that could allow remote adversaries to create forged authentication tokens. By leveraging the server's RSA public key, attackers are able to craft a JWE-wrapped PlainJWT w...

A command injection vulnerability exists within the Totolink NR1800X router in version 9.1.0u.6279_B20210910. This vulnerability is located in the function sub_41A68C of the /cgi-bin/cstecgi.cgi file. An attacker can exploit this flaw by manipulating the argument 'setUssd' to execute arbitrary co...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability affecting Totolink NR1800X routers has been identified in the find_host_ip function of the lighttpd component. This issue can lead to a stack-based buffer overflow due to improper handling of the Host argument. The vulnerability allows for remote exploitation, posing a significant...

A weakness exists in the SourceCodester Advanced School Management System 1.0, specifically within the commonController.php file's checkEmail endpoint. This vulnerability allows for SQL injection attacks which can be exploited remotely. Attackers can manipulate input to execute arbitrary SQL quer...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A security flaw exists in the Totolink A8000RU router, specifically in the CGI Handler component located in the file /cgi-bin/cstecgi.cgi. This vulnerability allows an attacker to manipulate the argument 'proto', potentially leading to OS command injection. Remote attackers can exploit this issue...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A denial of service vulnerability exists in the Open5GS software, specifically within the BSF component's bsf_sess_add_by_ip_address function. This flaw, which affects versions up to 2.7.7, allows an attacker to manipulate the ipv4Addr argument, leading to potential disruptions in service. The ex...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A buffer overflow vulnerability exists in the function strcpy within the /goform/formRemoteControl file of UTT HiPER 1200GW devices. This flaw allows an attacker to execute arbitrary code remotely, potentially compromising the device's security. The issue affects versions of the product up to 2.5...

A vulnerability exists in the UTT HiPER 1200GW router, specifically in the strcpy function located in the /goform/formUser file. This flaw allows for a buffer overflow condition, which can be exploited by an attacker to execute remote code. Due to the nature of the exploit, it poses a significant...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability in OWASP DefectDojo affects versions up to 2.55.4, specifically within the Benchmark/Engagement/Product/Survey component. This vulnerability allows attackers to manipulate certain functions, resulting in the potential for an authorization bypass. The exploit can be executed remote...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability exists in Bootstrap CMS 0.9.0-alpha related to an insecure function in the Page Creation Handler. This vulnerability allows an attacker to manipulate the argument body, leading to potential code injection. Given that the project has not been maintained for many years, products rel...