Publicly Disclosed
PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered just now...

PoC for CVE-2026-35250

Oracle | Oracle Vm Virtualbox | 2.3 LOW
Core Vulnerability in Oracle VM VirtualBox by Oracle

An exploitable vulnerability exists within Oracle VM VirtualBox, specifically in its core components. A privileged attacker with access to the infrastructure can exploit this weakness to compromise the functionality of Oracle VM VirtualBox. Successful exploitation may result in a partial denial o...

PoC for CVE-2026-3143

WordPress | Total Upkeep – WordPre... | 5.3 MEDIUM
Unauthorized Data Modification in Total Upkeep Plugin by BoldGrid

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid is susceptible to unauthorized data modification due to a missing capability check on the 'wp_ajax_cli_cancel' function. This flaw affects all versions up to and including 1.17.1, allowing unauthenticated attackers to c...

Discovered 1 hour ago

PoC for CVE-2026-7482

Ollama | Ollama | 8.8 HIGH
Heap Out-of-Bounds Read Vulnerability in Ollama by Ollama

The Ollama application is susceptible to a heap out-of-bounds read vulnerability within its GGUF model loader. This issue arises when the /api/create endpoint processes an attacker-defined GGUF file where the tensor offset and size exceed the file’s actual length. During quantization, the server ...

PoC for CVE-2026-8125

Code-projects | Simple Chat System | 5.3 MEDIUM
SQL Injection Vulnerability in Code-Projects Simple Chat System by ...

A vulnerability has been identified in Code-Projects Simple Chat System version 1.0, specifically affecting the 'sendMessage.php' file. This flaw arises from improper handling of argument types and lengths, allowing attackers to manipulate parameters leading to SQL injection vulnerabilities. Expl...

Discovered 2 hours ago

PoC for CVE-2026-8124

GPAC | Gpac | 4.8 MEDIUM
Resource Allocation Vulnerability in GPAC by GPAC

A vulnerability in GPAC's sidx_box_read function within src/isomedia/box_code_base.c has been identified, which enables local attackers to manipulate resource allocation. This flaw could potentially be exploited to disrupt the services offered by affected systems. To mitigate risks, it is recomme...

PoC for CVE-2026-8123

Open5GS | Open5gs | 5.3 MEDIUM
Denial of Service Vulnerability in Open5GS NSSF by Open5GS

A vulnerability exists in Open5GS's NSSF component, specifically within the ogs_sbi_discovery_option_add_snssais function in the /lib/sbi/message.c file. This flaw enables attackers to execute a denial of service attack remotely, potentially disrupting the service for users. The issue has been pu...

PoC for CVE-2026-8122

Open5GS | Open5gs | 5.3 MEDIUM
Denial of Service Vulnerability in Open5GS NSSF Component

A vulnerability has been identified in the Open5GS project, specifically within the NSSF component where the function ogs_sbi_discovery_option_add_service_names is located. This flaw can lead to a denial of service (DoS), allowing remote attackers to exploit the situation. Although the issue was ...

PoC for CVE-2026-8121

Open5GS | Open5gs | 5.3 MEDIUM
Denial of Service in Open5GS NSSF Component by Open5GS

A vulnerability has been identified in Open5GS NSSF up to version 2.7.7, specifically within the function ogs_sbi_parse_plmn_list located in the /lib/sbi/conv.c file. This flaw enables remote attackers to exploit the affected component, resulting in denial of service conditions. The issue was pre...

Discovered 3 hours ago

PoC for CVE-2026-8120

Open5GS | Open5gs | 5.3 MEDIUM
Denial of Service Vulnerability in Open5GS NSSF Component

A vulnerability exists in the Open5GS NSSF component, specifically in the function nssf_nnrf_nsselection_handle_get_from_amf_or_vnssf located in /src/nssf/nnssf-handler.c. This flaw allows a remote attacker to conduct a denial of service attack, potentially disrupting system availability. Despite...

PoC for CVE-2026-8119

Open5GS | Open5gs | 4.8 MEDIUM
Denial of Service Vulnerability in Open5GS NSSF by Open5GS

A vulnerability has been identified in Open5GS NSSF impacting versions up to 2.7.7. The issue lies within the ogs_sbi_stream_find_by_id function in the nghttp2-server.c library, which when manipulated, can lead to a denial of service. This attack necessitates local access, and exploitation may re...

PoC for CVE-2026-3844

WordPress | Breeze Cache | 🟣 EPSS 13% | 9.8 CRITICAL
Arbitrary File Upload Vulnerability in Breeze Cache Plugin for Word...

The Breeze Cache plugin for WordPress has a security flaw that allows unauthenticated attackers to perform arbitrary file uploads. This vulnerability is due to inadequate file type validation in the 'fetch_gravatar_from_remote' function. The risk is present in all versions up to 2.4.4, specifical...

PoC for CVE-2026-5615

Givanz | Vvvebjs | 5.3 MEDIUM
Cross-Site Scripting Vulnerability in givanz Vvvebjs File Upload

A vulnerability has been identified in givanz Vvvebjs prior to version 2.0.5, specifically within the file upload functionality of the component File Upload Endpoint. This weakness stems from improper handling of the 'uploadAllowExtensions' parameter, which opens the door to cross-site scripting ...

PoC for CVE-2026-40003

Zte | Zx297520v3 Bootrom | 5.1 MEDIUM
Arbitrary Memory Write Vulnerability in ZTE ZX297520V3 BootROM

The ZTE ZX297520V3 BootROM is susceptible to an arbitrary memory write vulnerability that can be exploited via USB. This weakness stems from the lack of proper validation for target addresses during USB download mode, allowing attackers to manipulate memory locations within the BootROM runtime. B...

PoC for CVE-2025-6440

WordPress | WooCommerce Designer Pro | 9.8 CRITICAL
Arbitrary File Upload Vulnerability in WooCommerce Designer Pro Plu...

The WooCommerce Designer Pro plugin for WordPress has a significant vulnerability that allows unauthenticated attackers to perform arbitrary file uploads. This issue arises from inadequate file type validation in the 'wcdp_save_canvas_design_ajax' function. If exploited, this can lead to unauthor...

PoC for CVE-2026-8116

Huangjunsen0406 | Xiaozhi-mcphub | 5.3 MEDIUM
Path Traversal Vulnerability in huangjunsen0406 xiaozhi-mcphub

A vulnerability has been discovered in the huangjunsen0406 xiaozhi-mcphub project, specifically impacting the file src/controllers/dxtController.ts. This weakness allows an attacker to manipulate the argument manifest.name, leading to path traversal incidents. The exploit, which poses a significa...

Discovered 4 hours ago

PoC for CVE-2026-8115

Gyoridavid | Short-video-maker | 6.9 MEDIUM
Path Traversal Vulnerability in gyoridavid Short Video Maker REST API

A security flaw in the gyoridavid short-video-maker, up to version 1.3.4, allows attackers to exploit the REST API component. The issue arises from improper handling of user input, specifically the req.params.tmpFile argument, resulting in unauthorized file access through path traversal. This vul...

Discovered 5 hours ago

PoC for CVE-2026-8114

Jeecg | Jeecgboot | 5.3 MEDIUM
SQL Injection Vulnerability in JeecgBoot Software

A SQL injection vulnerability has been discovered in the JeecgBoot application affecting versions up to 3.9.1. This vulnerability resides in the functionality of the file /sys/dict/loadTreeData within the JSON Object Handler, allowing attackers to manipulate input conditions. The exploit can be e...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

Discovered 6 hours ago

PoC for CVE-2026-8113

8421bit | Miniclaw | 5.3 MEDIUM
Path Traversal Vulnerability in 8421bit MiniClaw Affected by Execut...

A path traversal vulnerability has been identified in the 8421bit MiniClaw, specifically within the isPathInside function located in src/kernel.ts as part of the executeSkillScript component. This flaw allows an attacker to manipulate file paths, potentially leading to unauthorized access to crit...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-8112

8421bit | Miniclaw | 5.3 MEDIUM
OS Command Injection Vulnerability in 8421bit MiniClaw

A remote OS command injection vulnerability exists in the 8421bit MiniClaw due to improper handling of data in the executeCognitivePulse function found in src/kernel.ts. This flaw allows attackers to execute arbitrary commands on the system, posing a severe risk. The vulnerability can be exploite...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-8098

Code-projects | Feedback System | 6.9 MEDIUM
SQL Injection Vulnerability in Code-Projects Feedback System 1.0

A security vulnerability has been identified in the Code-Projects Feedback System 1.0, specifically affecting an unprotected function in the /admin/checklogin.php file. By manipulating the email parameter, attackers can execute malicious SQL queries, allowing remote exploitation of the system. Th...

Discovered 7 hours ago

PoC for CVE-2026-8097

Codeastro | Online Classroom | 5.3 MEDIUM
SQL Injection Vulnerability in CodeAstro Online Classroom by CodeAstro

A security vulnerability has been identified in CodeAstro's Online Classroom 1.0 that enables SQL injection through improper handling of user inputs in the /askquery.php file. This flaw allows attackers to manipulate the 'squeryx' argument, which could lead to unauthorized data access or manipula...

PoC for CVE-2026-8088

Osgeo | Gdal | 4.8 MEDIUM
Out-of-Bounds Read Vulnerability in OSGeo GDAL Software

A weakness exists in the OSGeo GDAL library, particularly within the GDfieldinfo function of the GDapi.c file, which may allow an out-of-bounds read. This vulnerability can be exploited locally with a specific manipulation on affected versions. Publicly available exploits highlight the urgency fo...

Discovered 8 hours ago

PoC for CVE-2026-8087

Osgeo | Gdal | 4.8 MEDIUM
Heap-based Buffer Overflow in OSGeo GDAL Affects Multiple Versions

A vulnerability in OSGeo GDAL's GDnentries function, located in the GDapi.c file, has been identified that could lead to a heap-based buffer overflow. This issue arises from improper handling of the DataFieldName argument, opening the door for local attackers to exploit the flaw. The exploit has ...

PoC for CVE-2026-8086

Osgeo | Gdal | 4.8 MEDIUM
Heap-based Buffer Overflow in OSGeo GDAL Affecting Versions up to 3...

A vulnerability exists in OSGeo GDAL affecting the SWnentries function located in the SWapi.c file. This issue arises when an attacker manipulates the DimensionName argument, potentially leading to a heap-based buffer overflow. The attack requires local access, and exploit code for this vulnerabi...

PoC for CVE-2026-8084

Osgeo | Gdal | 4.8 MEDIUM
Out-of-Bounds Read Vulnerability in OSGeo GDAL HDF-EOS Grid File Ha...

A vulnerability has been identified in OSGeo GDAL affecting the HDF-EOS Grid File Handler. Specifically, the memmove function in the file frmts/hdf4/hdf-eos/SWapi.c can lead to out-of-bounds reads. This vulnerability necessitates local execution for exploitation and has been publicly disclosed. U...

PoC for CVE-2026-8084

Osgeo | Gdal | 4.8 MEDIUM
Out-of-Bounds Read Vulnerability in OSGeo GDAL HDF-EOS Grid File Ha...

A vulnerability has been identified in OSGeo GDAL affecting the HDF-EOS Grid File Handler. Specifically, the memmove function in the file frmts/hdf4/hdf-eos/SWapi.c can lead to out-of-bounds reads. This vulnerability necessitates local execution for exploitation and has been publicly disclosed. U...

Discovered 9 hours ago

PoC for CVE-2026-8083

Sourcecodester | Pharmacy Sales And Inv... | 6.9 MEDIUM
SQL Injection Vulnerability in SourceCodester Pharmacy Sales and In...

A security flaw has been identified in the SourceCodester Pharmacy Sales and Inventory System, specifically within the file /ajax.php when executing the action save_user. This vulnerability arises from improper handling of the user ID parameter, allowing an attacker to execute SQL injection attac...

PoC for CVE-2026-8081

Router-for-me | Cliproxyapi | 5.3 MEDIUM
Server-Side Request Forgery in Router-for-Me CLIProxyAPI 6.9.29

A server-side request forgery (SSRF) vulnerability has been identified in Router-for-Me's CLIProxyAPI version 6.9.29, specifically targeting the internal/api/handlers/management/api_tools.go file. This issue arises from inadequate validation of the 'url' argument, allowing an attacker to manipula...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

Discovered 11 hours ago

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

Discovered 14 hours ago

PoC for CVE-2026-40897

Josdejong | Mathjs | 8.8 HIGH
JavaScript Math Library Vulnerability in Math.js Affects Users

A significant vulnerability has been identified in Math.js, a popular library for mathematics in JavaScript and Node.js. From versions 13.1.1 to earlier than 15.2.0, this vulnerability enables attackers to execute arbitrary JavaScript through the library's expression parser. Applications utilizin...

Discovered 15 hours ago

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

Discovered 18 hours ago

PoC for CVE-2025-0133

Palo Alto Networks | Cloud Ngfw | 2.7 LOW
Reflected XSS Vulnerability in Palo Alto Networks GlobalProtect PAN-OS

A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks' GlobalProtect gateway and portal features allows attackers to execute malicious JavaScript in the authenticated browser session of Captive Portal users. When users click on specifically crafted links, they may unknowingly...

Discovered 19 hours ago

PoC for CVE-2026-0073

Google | Android | 8.8 HIGH
Logic Error in Wireless ADB Authentication in Android Products

A significant logic error in the adbd_tls_verify_cert function of auth.cpp in various Android versions permits a bypass of the wireless ADB mutual authentication process. This flaw can lead to unauthorized remote code execution by exploiting the vulnerability as the shell user without requiring a...

PoC for CVE-2026-27944

0xjacky | Nginx-ui | 9.8 CRITICAL
Authentication Bypass in Nginx UI Affects Nginx Web Server

Nginx UI, a web interface for the Nginx web server, has a critical security flaw where the /api/backup endpoint is accessible without authentication. This vulnerability allows unauthenticated attackers to retrieve a complete system backup that includes sensitive information such as user credentia...

Discovered 20 hours ago

PoC for CVE-2026-41940

Webpros | Cpanel | 🟣 EPSS 64% | 9.3 CRITICAL
Authentication Bypass Vulnerability in cPanel and WHM

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

PoC for CVE-2026-0300

Palo Alto Networks | Cloud Ngfw | 🟣 EPSS 15% | 8.7 HIGH
Buffer Overflow Vulnerability in Palo Alto Networks User-ID™ Authen...

A buffer overflow vulnerability exists within the User-ID™ Authentication Portal of Palo Alto Networks PAN-OS software. This flaw allows unauthenticated attackers to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls by manipulating specially crafted packets. To miti...

Discovered 23 hours ago

PoC for CVE-2026-23918

Apache | Apache Http Server | 8.8 HIGH
Double Free and Remote Code Execution Vulnerability in Apache HTTP ...

A double free vulnerability has been identified in Apache HTTP Server that may lead to remote code execution, particularly concerning the HTTP/2 protocol. This issue affects version 2.4.66, and it is crucial for users to upgrade to version 2.4.67 to mitigate any potential security risks associate...

Discovered 1 day ago

PoC for CVE-2026-0073

Google | Android | 8.8 HIGH
Logic Error in Wireless ADB Authentication in Android Products

A significant logic error in the adbd_tls_verify_cert function of auth.cpp in various Android versions permits a bypass of the wireless ADB mutual authentication process. This flaw can lead to unauthorized remote code execution by exploiting the vulnerability as the shell user without requiring a...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-23918

Apache | Apache Http Server | 8.8 HIGH
Double Free and Remote Code Execution Vulnerability in Apache HTTP ...

A double free vulnerability has been identified in Apache HTTP Server that may lead to remote code execution, particularly concerning the HTTP/2 protocol. This issue affects version 2.4.66, and it is crucial for users to upgrade to version 2.4.67 to mitigate any potential security risks associate...

PoC for CVE-2026-31431

Linux | Linux | 7.8 HIGH
Vulnerability in Linux Kernel Affecting Crypto Operations

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

PoC for CVE-2026-8033

Picotronica | E-clinic Healthcare Sy... | 6.9 MEDIUM
Information Disclosure Vulnerability in PicoTronica e-Clinic Health...

A vulnerability in the PicoTronica e-Clinic Healthcare System ECHS 5.7 has been identified, specifically affecting an undisclosed function of the file /cdemos/echs/api/v2/ within the Response Header Handler component. This flaw allows attackers to exploit the system remotely, leading to unauthori...

PoC for CVE-2026-32710

Mariadb | Server | 8.6 HIGH
Unauthorized Access Vulnerability in MariaDB Server

An issue has been identified in the JSON_SCHEMA_VALID() function of MariaDB Server, which is derived from MySQL. This vulnerability allows authenticated users to crash versions 11.4 prior to 11.4.10 and 11.8 prior to 11.8.6 of MariaDB server. While under specific conditions, it could lead to remo...

PoC for CVE-2025-70149

CodeAstro | Membership Management ... | 9.8 CRITICAL
SQL Injection Vulnerability in CodeAstro Membership Management System

The CodeAstro Membership Management System version 1.0 is prone to an SQL Injection vulnerability via the ID parameter in print_membership_card.php. This flaw allows attackers to manipulate database queries by injecting arbitrary SQL code, potentially leading to unauthorized data access and manip...

PoC for CVE-2026-8032

Picotronica | E-clinic Healthcare Sy... | 6.9 MEDIUM
Remote Credential Exposure in PicoTronica e-Clinic Healthcare System

A significant security flaw has been identified in the PicoTronica e-Clinic Healthcare System ECHS version 5.7, specifically linked to the /cdemos/echs/priv/echs.js file. This vulnerability allows an attacker to manipulate the ADMIN_KEY argument, leading to the exposure of hard-coded credentials....