CVE-2025-66209.zip
2 KB
CVE-2025-66209
Author: 0xrakan
GitHub Link:
https://github.com/0xrakan/coolify-cve-2025-66209-66213
CVE-2024-48990.zip
2.3 KB
CVE-2024-48990
Author: grecosamuel
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
GitHub Link:
https://github.com/grecosamuel/CVE-2024-48990
CVE-2021-43798.zip
5.3 KB
CVE-2021-43798
Author: strikoder
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) are vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: <grafana_host_url>/public/plugins//, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.
GitHub Link:
https://github.com/strikoder/Grafana-Password-Decryptor
CVE-2004-2687.zip
1.2 KB
CVE-2004-2687
Author: nulltrace1336
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
GitHub Link:
https://github.com/nulltrace1336/Metasploitable-2-Distcc-Exploit-via-Kali-Linux-CVE-2004-2687