Publicly Disclosed
PoC Exploits

The vulnerability arises from mismatched length fields in Zlib compressed protocol headers within MongoDB Server, potentially allowing an unauthenticated client to access uninitialized heap memory. This could lead to unauthorized information exposure, affecting versions of MongoDB Server across m...

The GNU C Library contains a vulnerability related to the untrusted LD_LIBRARY_PATH environment variable, which can be exploited by attackers. This issue affects setuid binaries that utilize dynamic link library loading features through the dlopen function, particularly in scenarios involving int...

The NEX-Forms WordPress plugin prior to version 9.1.8 has a security flaw that allows attackers to exploit unsanitized and unescaped settings. This vulnerability can be leveraged by low-privileged users, like subscribers, to inject malicious scripts into web pages. Such attacks can result in the ...

Grafana, an open-source monitoring and observability platform, is susceptible to a directory traversal vulnerability in versions ranging from 8.0.0-beta1 to 8.3.0. This vulnerability enables unauthorized access to local files via specially crafted URL paths which include the identifier for any in...

The ClickFunnels WordPress plugin through 3.1.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

The Hustle - Email Marketing, Lead Generation, Optins, Popups plugin for WordPress contains a vulnerability that results in Sensitive Information Exposure across all versions up to and including 7.8.3. This weakness arises from hardcoded API keys, which can be exploited by unauthenticated attacke...

The Elliptic package experiences a significant cryptographic vulnerability where the ECDSA implementation generates incorrect signatures. This flaw arises due to an improper computation of the interim value 'k', leading to potential truncation when it has leading zeros. As a result, an attacker c...

Webmin 1.900 possesses a vulnerability that allows remote attackers to execute arbitrary code. This exploitation can be carried out by utilizing the 'Java file manager' and 'Upload and Download' privileges. Attackers can upload a specially crafted .cgi file through the /updown/upload.cgi URI, lea...

A physical access vulnerability exists in the D-Link DIR-605L Router that can be exploited by an attacker with direct access to the UART pins. This flaw permits the execution of arbitrary commands due to unregulated root terminal access on a serial interface. Without proper access controls, this ...

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

A vulnerability exists in the Linux kernel related to improper initialization of the 'flags' member of the new pipe buffer structure. This absence of proper initialization in the copy_page_to_iter_pipe and push_pipe functions can result in the presence of stale values. As a consequence, an unpriv...

The V-SOL GPON/EPON OLT Platform v2.03 is susceptible to multiple reflected cross-site scripting vulnerabilities. These arise from inadequate input sanitization in various script parameters. Malicious actors can exploit these security flaws by injecting harmful HTML and script code, enabling the ...

Yahei-PHP Prober version 0.4.7 has a vulnerability that permits remote HTML injection via the 'speed' GET parameter in prober.php. This flaw enables attackers to execute arbitrary HTML code, potentially leading to cross-site scripting (XSS) attacks affecting user sessions in their browsers. By ma...

The FaceSentry Access Control System version 6.4.8 contains a cross-site scripting vulnerability that affects the 'msg' parameter of the pluginInstall.php file. This vulnerability allows attackers to inject malicious scripts through unvalidated input. Once exploited, the injected JavaScript can e...

The SOCA Access Control System 180612 is vulnerable to a cross-site scripting (XSS) attack via the 'senddata' parameter in logged_page.php. This vulnerability enables attackers to execute arbitrary HTML and JavaScript code within the browser session of a victim when crafted POST requests are sent...

The INIM Electronics Smartliving SmartLAN/G/SI devices, running Linux versions up to 6.x, contain hard-coded credentials that are unchangeable through regular device operations. This vulnerability allows malicious actors to exploit these persistent credentials, facilitating unauthorized access to...

The INIM Electronics Smartliving SmartLAN/G/SI devices, running Linux versions up to 6.x, contain hard-coded credentials that are unchangeable through regular device operations. This vulnerability allows malicious actors to exploit these persistent credentials, facilitating unauthorized access to...

The Smartliving SmartLAN/G/SI product version 6.x and earlier is susceptible to an unauthenticated server-side request forgery (SSRF) vulnerability. This issue exists within the GetImage functionality, where attackers can exploit the 'host' parameter to send crafted requests through the onvif.cgi...

The Smartliving SmartLAN/G/SI product version 6.x and earlier is susceptible to an unauthenticated server-side request forgery (SSRF) vulnerability. This issue exists within the GetImage functionality, where attackers can exploit the 'host' parameter to send crafted requests through the onvif.cgi...

The SmartLiving SmartLAN versions up to 6.x are affected by a significant security vulnerability that allows authenticated users to execute arbitrary commands on the system. This vulnerability arises from the 'par' POST parameter within the web.cgi binary, specifically through the 'testemail' mod...

The SmartLiving SmartLAN versions up to 6.x are affected by a significant security vulnerability that allows authenticated users to execute arbitrary commands on the system. This vulnerability arises from the 'par' POST parameter within the web.cgi binary, specifically through the 'testemail' mod...

The V-SOL GPON/EPON OLT Platform version 2.03 is susceptible to an open redirect vulnerability due to improper validation of user input in its redirect mechanism. This flaw enables attackers to craft deceptive links that exploit the functionality of the 'parent' GET parameter. When exploited, log...

The FaceSentry Access Control System version 6.4.8 is susceptible to a vulnerability that involves the insecure storage of passwords. This flaw allows attackers to access unencrypted credentials stored in the device's SQLite database. Specifically, sensitive login information can be directly read...

The FaceSentry Access Control System version 6.4.8 is affected by a cleartext transmission vulnerability. This issue allows remote attackers to intercept sensitive authentication credentials via man-in-the-middle attacks. If an attacker gains access to the network, they can capture HTTP cookie in...

The NREL BEopt 2.8.0.0 software is susceptible to a DLL hijacking vulnerability that permits attackers to load arbitrary dynamic link libraries. This attack vector exploits users opening application files sourced from remote shares, enabling malicious actors to execute unauthorized code by levera...

The Devolo dLAN Cockpit 4.3.1 is vulnerable due to an unquoted service path in the 'DevoloNetworkService'. This weakness allows local non-privileged users to insert malicious code into the system's root path, which can potentially lead to arbitrary code execution with elevated privileges upon app...

The Leica Geosystems GNSS products (GR10, GR25, GR30, and GR50) with version 4.30.063 are susceptible to a cross-site request forgery vulnerability. This flaw enables attackers to deceive authenticated users into executing unintended actions, effectively compromising the application’s security. B...

The Leica Geosystems GNSS products (GR10, GR25, GR30, and GR50) with version 4.30.063 are susceptible to a cross-site request forgery vulnerability. This flaw enables attackers to deceive authenticated users into executing unintended actions, effectively compromising the application’s security. B...

The FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64 has a vulnerability that allows authenticated users to perform OS command injection. Attackers can exploit this flaw by injecting unvalidated shell commands through certain input parameters. Successful exploitation results in elevated priv...

The FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64 has a vulnerability that allows authenticated users to perform OS command injection. Attackers can exploit this flaw by injecting unvalidated shell commands through certain input parameters. Successful exploitation results in elevated priv...

The firmware version 8.0.0.64 of the FLIR Thermal Camera PT-Series is susceptible to multiple unauthenticated remote command injection vulnerabilities. These issues arise due to unsanitized POST parameters within the controllerFlirSystem.php script, particularly through the execFlirSystem() funct...

The firmware version 8.0.0.64 of the FLIR Thermal Camera PT-Series is susceptible to multiple unauthenticated remote command injection vulnerabilities. These issues arise due to unsanitized POST parameters within the controllerFlirSystem.php script, particularly through the execFlirSystem() funct...

FLIR Thermal Cameras running firmware version 8.0.0.64 are exposed to a vulnerability that allows attack vectors for unauthorized access to live camera streams without the need for authentication. This flaw enables remote attackers to intercept video feeds from the thermal cameras across various ...

The FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains hard-coded SSH credentials that cannot be altered during standard camera operations. This vulnerability allows attackers to exploit these unmodifiable credentials to gain unauthorized remote access to the thermal camera system, ...

The FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains hard-coded SSH credentials that cannot be altered during standard camera operations. This vulnerability allows attackers to exploit these unmodifiable credentials to gain unauthorized remote access to the thermal camera system, ...

FLIR Thermal Cameras running firmware version 8.0.0.64 are exposed to a vulnerability that allows attack vectors for unauthorized access to live camera streams without the need for authentication. This flaw enables remote attackers to intercept video feeds from the thermal cameras across various ...

The firmware of FLIR Thermal Camera F/FC/PT/D version 8.0.0.64 is susceptible to an information disclosure vulnerability. This security flaw enables unauthenticated attackers to exploit the '/var/www/data/controllers/api/xml.php' readFile() function, allowing them to read arbitrary files from the...

The firmware of FLIR Thermal Camera F/FC/PT/D version 8.0.0.64 is susceptible to an information disclosure vulnerability. This security flaw enables unauthenticated attackers to exploit the '/var/www/data/controllers/api/xml.php' readFile() function, allowing them to read arbitrary files from the...

A security issue in the Kubernetes platform allows an unauthenticated attacker with access to the pod network to execute arbitrary code within the context of the ingress-nginx controller. This vulnerability poses serious security risks, as it can potentially expose sensitive secrets accessible to...

The ACF to REST API plugin for WordPress is susceptible to Insecure Direct Object Reference, enabling attackers with Contributor-level access and above to manipulate ACF fields for posts they do not own. This security issue stems from inadequate capability checks within the update_item_permission...

The Relevanssi plugin, including its premium version, prior to specified updates, fails to properly sanitize and escape user-supplied parameters in SQL statements. This flaw can be exploited by users with contributor roles or higher, allowing them to execute arbitrary SQL queries, potentially com...

The Frontend File Manager Plugin for WordPress prior to version 23.5 is susceptible to a path traversal vulnerability. This issue arises from inadequate validation of a path parameter and the ownership of files. As a result, any authenticated user, including those with subscriber-level access, ma...

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

The AuntyFey Smart Combination Lock firmware versions up to December 24, 2025, are susceptible to an exploit that enables an unauthenticated attacker within Bluetooth Low Energy (BLE) proximity to initiate an overwhelming number of BLE connection attempts. This barrage of connection requests can ...

The Microsoft Playwright MCP Server, prior to version 0.0.40, is susceptible to a DNS rebinding vulnerability due to inadequate validation of the Origin header in incoming connections. This flaw could allow attackers to exploit a victim's web browser to send unauthorized requests, potentially cau...

The vulnerability arises from mismatched length fields in Zlib compressed protocol headers within MongoDB Server, potentially allowing an unauthenticated client to access uninitialized heap memory. This could lead to unauthorized information exposure, affecting versions of MongoDB Server across m...

A vulnerability exists in the TRENDnet TEW-811DRU router that allows for OS command injection through the manipulation of the setDeviceURL function in the uapply.cgi file. This flaw provides remote attackers the capability to execute arbitrary commands on the affected device, potentially compromi...

A security vulnerability exists in TRENDnet TEW-713RE version 1.02, specifically in the '/goformX/formFSrvX' file. This unknown function allows an attacker to manipulate the 'SZCMD' argument, leading to the possibility of remote OS command injection. The exploit methodology is now publicly availa...

The iDS6 DSSPro Digital Signage System version 6.2 is susceptible to a sensitive information disclosure flaw. This vulnerability enables remote attackers to intercept essential authentication credentials transmitted in cleartext through cookies. By exploiting the autoSave feature, attackers can c...