CVE-2025-27591.zip
2.8 KB
CVE-2025-27591
Author: HOEUN-Visai
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
GitHub Link:
https://github.com/HOEUN-Visai/CVE-2025-27591-below-
Author: HOEUN-Visai
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
GitHub Link:
https://github.com/HOEUN-Visai/CVE-2025-27591-below-
🔥1
CVE-2021-23017.zip
7.5 KB
CVE-2021-23017
Author: 6lj
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
GitHub Link:
https://github.com/6lj/EVIL-CVE-2021-23017-Update-2025
Author: 6lj
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
GitHub Link:
https://github.com/6lj/EVIL-CVE-2021-23017-Update-2025
CVE-2025-24204.zip
255.1 KB
CVE-2025-24204
Author: 34306
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.
GitHub Link:
https://github.com/34306/decrypted
Author: 34306
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.
GitHub Link:
https://github.com/34306/decrypted
CVE-2021-21974.zip
4.4 KB
CVE-2021-21974
Author: abirasecurity
OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution.
GitHub Link:
https://github.com/abirasecurity/CVE-2021-21974vulndectection
Author: abirasecurity
OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution.
GitHub Link:
https://github.com/abirasecurity/CVE-2021-21974vulndectection
CVE-2025-23266.zip
6.3 KB
CVE-2025-23266
Author: Mindasy
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
GitHub Link:
https://github.com/Mindasy/cve-2025-23266-migration-bypass
Author: Mindasy
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
GitHub Link:
https://github.com/Mindasy/cve-2025-23266-migration-bypass