Publicly Disclosed PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered just now...

PoC for CVE-2026-21514

Microsoft | Microsoft 365 Apps For... | 7.8 HIGH
Security Feature Bypass in Microsoft Office Word

A vulnerability in Microsoft Office Word arises from a reliance on untrusted inputs during security decisions, potentially allowing unauthorized attackers to bypass critical local security features. This flaw highlights the importance of ensuring all inputs are properly validated to maintain robu...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-33320

Tomwright | Dasel | 6.2 MEDIUM
Denial of Service Vulnerability in Dasel Command-Line Tool by Tom W...

The Dasel command-line tool, widely used for querying and transforming data structures, has a vulnerability that can lead to Denial of Service. Versions 3.0.0 through 3.3.0 allow an attacker to exploit the YAML reader's `UnmarshalYAML` implementation. By providing specially crafted YAML files, an...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-41940

Webpros | Cpanel | 🟣 EPSS 28% | 9.3 CRITICAL
Authentication Bypass Vulnerability in cPanel and WHM

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

Discovered 2 hours ago

PoC for CVE-2026-41940

Webpros | Cpanel | 🟣 EPSS 28% | 9.3 CRITICAL
Authentication Bypass Vulnerability in cPanel and WHM

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

PoC for CVE-2026-41940

Webpros | Cpanel | 🟣 EPSS 28% | 9.3 CRITICAL
Authentication Bypass Vulnerability in cPanel and WHM

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

Discovered 3 hours ago

PoC for CVE-2026-41927

Shenzhen Yipu Com... | Wdr201a Wifi Extender | 8.3 HIGH
Stack-Based Buffer Overflow Vulnerability in WDR201A WiFi Extender ...

The WDR201A WiFi Extender suffers from a stack-based buffer overflow vulnerability found in the firewall.cgi and makeRequest.cgi binaries. This flaw allows unauthenticated attackers to send specially crafted POST requests with a Content-Length header exceeding 512 bytes, leading to the potential ...

Discovered 4 hours ago

PoC for CVE-2026-41471

WordPress | Easy-paypal-events-tic... | 8.2 HIGH
Information Disclosure Vulnerability in Easy PayPal Events & Ticket...

The Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier is affected by an information disclosure vulnerability that allows unauthenticated attackers to access and enumerate customer order records via the vulnerable QR code scanning endpoint (scan_qr.php). By sequentially it...

PoC for CVE-2026-32834

WordPress | Easy-paypal-events-tic... | 8.7 HIGH
Authentication Bypass in Easy PayPal Events & Tickets Plugin for Wo...

The Easy PayPal Events & Tickets plugin for WordPress is susceptible to a vulnerability that allows attackers to bypass authentication mechanisms through the QR code scanning feature. By exploiting this flaw, unauthenticated remote attackers can utilize the 'test' value as a hash parameter to gai...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

Discovered 6 hours ago

PoC for CVE-2026-29514

Netbox-community | Netbox | 8.7 HIGH
Remote Code Execution Vulnerability in NetBox by NetBox Community

NetBox versions 4.3.5 through 4.5.4 have a vulnerability that allows authenticated users with specific permissions to perform remote code execution. By manipulating the environment_params field in the RenderTemplateMixin.get_environment_params() method, attackers can bypass protections that Jinja...

Discovered 7 hours ago

PoC for CVE-2026-27778

Epower | Epower.ie | 8.7 HIGH
WebSocket API Vulnerability in E-Power Products

The WebSocket Application Programming Interface in E-Power systems is vulnerable due to a lack of restrictions on the number of authentication requests. This vulnerability can be exploited by attackers to perform denial-of-service attacks, which may disrupt legitimate charger telemetry. Additiona...

Discovered 9 hours ago

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2019-13132

ZeroMQ | LibzMQ | 🟣 EPSS 28% | 9.8 CRITICAL
Buffer Overflow Vulnerability in ZeroMQ Library by iMatix Corporation

In earlier versions of the ZeroMQ library (libzmq), a significant vulnerability exists that allows a remote and unauthenticated client to connect and potentially cause a stack overflow. This vulnerability arises from improper handling of buffers, leading to arbitrary data being written to the sta...

Discovered 10 hours ago

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

Discovered 12 hours ago

PoC for CVE-2026-7669

Sgl-project | Sglang | 6.3 MEDIUM
Deserialization Vulnerability in SGLang by sgl-project

A deserialization vulnerability exists in the SGLang component of sgl-project, specifically within the get_tokenizer function in the HuggingFace Transformer Handler. This flaw allows attackers to manipulate data remotely, potentially leading to unauthorized access or data corruption. The vulnerab...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

Discovered 13 hours ago

PoC for CVE-2026-7750

Totolink | N300rh | 8.7 HIGH
Buffer Overflow Vulnerability in Totolink N300RH Router Product

A buffer overflow vulnerability has been identified in the Totolink N300RH router, specifically in the setMacFilterRules function within the POST Request Handler of the /cgi-bin/cstecgi.cgi file. The vulnerability arises from improper handling of the mac_address argument, which allows remote atta...

PoC for CVE-2026-7749

Totolink | N300rh | 8.7 HIGH
Buffer Overflow Vulnerability in Totolink Product

A security vulnerability has been identified in the Totolink N300RH router, specifically within the function setWanConfig located in /cgi-bin/cstecgi.cgi. This issue arises from improper handling of the priDns argument, leading to a potential buffer overflow. The vulnerability can be exploited re...

PoC for CVE-2026-7748

Totolink | N300rh | 8.7 HIGH
Buffer Overflow Vulnerability in Totolink N300RH Router Firmware

A vulnerability has been identified in the Totolink N300RH router firmware version 3.2.4-B20220812, specifically within the setUpgradeFW function located in the /cgi-bin/cstecgi.cgi file. This weakness arises from the improper handling of the FileName argument, which can be exploited to trigger a...

Discovered 14 hours ago

PoC for CVE-2026-7747

Totolink | N300rh | 9.3 CRITICAL
Buffer Overflow Vulnerability in Totolink N300RH Router

A buffer overflow vulnerability exists in the loginauth function of the Parameter Handler component in Totolink N300RH routers running firmware version 3.2.4-B20220812. This flaw can be exploited remotely by manipulating the Password argument, leading to potential unauthorized access and adverse ...

PoC for CVE-2026-7746

Sourcecodester | Web-based Pharmacy Pro... | 5.3 MEDIUM
SQL Injection Vulnerability in SourceCodester Web-based Pharmacy Pr...

A vulnerability exists in the SourceCodester Web-based Pharmacy Product Management System version 1.0, specifically in the edit-admin.php file. This issue arises from improper handling of the argument ID, enabling attackers to execute remote SQL injection attacks. Given that exploits are publicly...

PoC for CVE-2026-7745

Codeastro | Online Classroom | 5.3 MEDIUM
SQL Injection Vulnerability in CodeAstro Online Classroom Software

A security flaw has been identified in CodeAstro's Online Classroom software, specifically in the faculty details functionality. This vulnerability arises from improper handling of user input in the 'deleteid' parameter, leading to SQL injection. Attackers can exploit this weakness remotely, pote...

PoC for CVE-2026-7744

Codeastro | Online Classroom | 5.3 MEDIUM
SQL Injection Vulnerability in CodeAstro Online Classroom by CodeAstro

A vulnerability has been identified in CodeAstro Online Classroom 1.0 that affects the unspecified functionality of the addnewstudent endpoint. Manipulation of the 'fname' parameter can lead to SQL injection attacks, allowing adversaries to interact with the database through crafted queries. This...

Discovered 15 hours ago

PoC for CVE-2026-7743

Codeastro | Online Classroom | 5.3 MEDIUM
SQL Injection Vulnerability in CodeAstro Online Classroom by CodeAstro

A SQL injection vulnerability exists in the CodeAstro Online Classroom 1.0, specifically in an unidentified function within the /OnlineClassroom/studentdetails file. This vulnerability allows for malicious manipulation of the 'deleteid' argument, enabling an attacker to execute remote SQL queries...

PoC for CVE-2026-7742

Codeastro | Online Classroom | 5.3 MEDIUM
SQL Injection Vulnerability in CodeAstro Online Classroom Application

A vulnerability has been identified in CodeAstro's Online Classroom version 1.0, specifically in an undisclosed function located in the faculty login script. Manipulating the 'fid' argument allows for SQL injection attacks, which can be executed remotely. This exposure enables unauthorized users ...

PoC for CVE-2026-7741

Codeastro | Online Classroom | 5.3 MEDIUM
SQL Injection Vulnerability in CodeAstro Online Classroom Application

The CodeAstro Online Classroom application version 1.0 is vulnerable to SQL injection through the student login function. This vulnerability allows attackers to manipulate the 'sid' argument, potentially leading to unauthorized access to sensitive data. Exploitation can be executed remotely, and ...

PoC for CVE-2026-7740

Justdan96 | Tsmuxer | 4.8 MEDIUM
Denial of Service Vulnerability in justdan96 tsMuxer Software

A vulnerability has been identified in justdan96 tsMuxer software, specifically in the function VvcVpsUnit::setFPS located in tsMuxer/vvc.cpp. This flaw allows an attacker to manipulate the track_id argument, potentially leading to a denial of service. The vulnerability requires local access to e...

Discovered 16 hours ago

PoC for CVE-2026-7739

Justdan96 | Tsmuxer | 4.8 MEDIUM
Denial of Service Vulnerability in tsMuxer by justdan96

A local vulnerability has been discovered in the tsMuxer software developed by justdan96, specifically affecting the HevcVpsUnit::setFPS function located in hevc.cpp file. This issue arises from improper handling of the 'track_id' argument, potentially leading to a denial of service condition. Ex...

PoC for CVE-2026-7738

Puchunjie | Doc-tools-mcp | 5.3 MEDIUM
Path Traversal Vulnerability in Puchunjie Doc-Tools-MCP by Puchunjie

A security flaw affecting Puchunjie's doc-tools-mcp version 1.0.18 has been identified, specifically within the functions create_document and open_document of the MCP Interface. This vulnerability can be exploited through path traversal techniques by manipulating the filePath argument. Attackers ...

PoC for CVE-2026-5335

WordPress | Magic Export & Import | 5.3 MEDIUM
CSV File Exposure in Magic Export & Import Plugin by WordPress

The Magic Export & Import WordPress plugin prior to version 1.2.0 exposes exported CSV files in a publicly accessible location. This vulnerability allows unauthorized visitors to access and download sensitive user information contained within these files, posing significant privacy and security r...

Discovered 17 hours ago

PoC for CVE-2026-7733

FunAdmin | Funadmin | 6.9 MEDIUM
Unrestricted Upload Vulnerability in Funadmin Frontend Chunked Uplo...

A vulnerability has been identified in Funadmin versions up to 7.1.0-rc6 within the Frontend Chunked Upload Endpoint. It stems from a flaw in the UploadService::chunkUpload function located in app/common/service/UploadService.php. This weakness allows an attacker to manipulate the File argument, ...

PoC for CVE-2026-7732

Code-projects | Bloodbank Managing System | 5.3 MEDIUM
Unrestricted File Upload Vulnerability in BloodBank Managing System...

An unrestricted file upload vulnerability exists in the BloodBank Managing System 1.0, specifically in the request_blood.php file. This issue allows an attacker to remotely upload files without proper validation, potentially leading to the execution of arbitrary code. As the exploit is now public...

Discovered 18 hours ago

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-7731

Code-projects | Bloodbank Managing System | 5.3 MEDIUM
SQL Injection Vulnerability in Code-Projects BloodBank Managing System

A security vulnerability has been identified in the BloodBank Managing System version 1.0, specifically within the 'get_state.php' file. This vulnerability arises from inadequate validation of the G_STATE_ID parameter, allowing for SQL injection attacks. Attackers can exploit this vulnerability r...

PoC for CVE-2026-7730

Privsim | Mcp-test-runner | 5.3 MEDIUM
OS Command Injection Vulnerability in privsim mcp-test-runner Product

A vulnerability has been detected in the privsim mcp-test-runner version 0.2.0 affecting the child_process.spawn function located in src/index.ts. By manipulating the command argument, an attacker could execute arbitrary OS commands, potentially leading to severe security breaches. This vulnerabi...

PoC for CVE-2026-7729

Pixelsock | Directus-mcp | 5.3 MEDIUM
Server-Side Request Forgery in pixelsock directus-mcp by pixelsock

A security flaw has been identified in the pixelsock directus-mcp version 1.0.0. This vulnerability resides in the validateUrl function located in index.ts of the MCP Interface component. An attacker can manipulate the fileUrl argument, potentially leading to servers being tricked into making una...

PoC for CVE-2026-7728

Ryanjoachim | Mcp-rtfm | 5.3 MEDIUM
Path Traversal Vulnerability in MCP Interface by Ryanjoachim

A security vulnerability has been identified in the MCP Interface of the mcp-rtfm product. This issue allows an attacker to manipulate the function get_doc_content/read_doc/update_doc through the argument docFile, leading to unauthorized access to files outside the intended directory structure. T...

Discovered 19 hours ago

PoC for CVE-2026-7725

Prefecthq | Prefect | 5.3 MEDIUM
Argument Injection Flaw in PrefectHQ's GitRepository Pull Handler

A vulnerability exists in PrefectHQ's product related to the GitRepository Pull Handler, specifically within the file src/prefect/runner/storage.py. The issue arises from improper handling of arguments, specifically the 'commit_sha' and 'directories' parameters, leading to potential argument inje...

PoC for CVE-2026-7724

Prefecthq | Prefect | 2.3 LOW
Time-of-Check Time-of-Use Vulnerability in PrefectHQ Prefect Webhoo...

A vulnerability exists in the PrefectHQ Prefect software within the Webhook/Notification component. The specific flaw lies in the validate_restricted_url function, which is susceptible to a time-of-check time-of-use condition. This vulnerability allows remote attackers to exploit the system under...

PoC for CVE-2026-7723

Prefecthq | Prefect | 6.9 MEDIUM
Missing Authentication in PrefectHQ Prefect WebSocket Endpoint

A security flaw has been identified in the WebSocket Endpoint of the PrefectHQ Prefect application, affecting versions up to 3.6.13. This vulnerability permits remote exploitation, as it allows an attacker to manipulate the system due to a lack of proper authentication mechanisms. To mitigate thi...

Discovered 20 hours ago

PoC for CVE-2026-7722

Prefecthq | Prefect | 6.9 MEDIUM
Improper Authentication in PrefectHQ Health Check API

A vulnerability was identified in the Health Check API of PrefectHQ's Prefect, affecting versions up to 3.6.21. This flaw allows for improper authentication through the 'endswith' function in the /api/health endpoint. Attackers could exploit this vulnerability remotely, increasing the risk of una...

PoC for CVE-2026-7721

Totolink | Wa300 | 5.3 MEDIUM
Command Injection Vulnerability in Totolink WA300 Router

A security vulnerability has been identified in the Totolink WA300 router, specifically within the NTPSyncWithHost function located in the /cgi-bin/cstecgi.cgi file. This flaw allows an attacker to manipulate the 'hostTime' argument, leading to the possibility of command injection. The vulnerabil...

PoC for CVE-2026-7720

Totolink | Wa300 | 5.3 MEDIUM
Command Injection Vulnerability in Totolink WA300 by Totolink

A vulnerability has been discovered in the Totolink WA300 router's POST Request Handler, specifically within the setLanguageCfg function in the /cgi-bin/cstecgi.cgi script. This weakness allows an attacker to manipulate the langType argument, potentially leading to command injection. The exploit ...

PoC for CVE-2026-7719

Totolink | Wa300 | 9.3 CRITICAL
Buffer Overflow Vulnerability in Totolink WA300 by Totolink

A security flaw has been identified in the Totolink WA300 access point, specifically in the 'loginauth' function located in the cstecgi.cgi file of the POST Request Handler. The vulnerability arises from improper handling of the 'http_host' argument, leading to a buffer overflow that can be explo...

Discovered 21 hours ago

PoC for CVE-2026-7718

Totolink | Wa300 | 5.3 MEDIUM
Command Injection Vulnerability in Totolink WA300 Router

A vulnerability has been identified in the Totolink WA300 router, specifically within the function setWebWlanIdx located in /cgi-bin/cstecgi.cgi of the POST Request Handler. An attacker can manipulate the webWlanIdx argument, resulting in command injection, which may be initiated remotely. The ex...

PoC for CVE-2026-7717

Totolink | Wa300 | 8.7 HIGH
Buffer Overflow Vulnerability in Totolink WA300 Router

A buffer overflow vulnerability exists in the UploadCustomModule function of the Totolink WA300 router's POST Request Handler. This issue stems from improper handling of input on the /cgi-bin/cstecgi.cgi script, allowing attackers to manipulate the 'File' argument. If successfully exploited, this...