CVE-2024-3721

Overview

TBK
DVR-4104

13 Apr 2024

Published

01 Aug 2024

Updated

CVSS v3.1

MEDIUM (6.3)

EPSS

83.86%

MITRE

KEV

Description

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260573 was assigned to this vulnerability.

Statistics

3 Posts
1 Interaction

Last activity: 13 hours ago

Fediverse

HackerWorkspace @hackerworkspace

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

https://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.html

Read on HackerWorkspace: https://hackerworkspace.com/article/mirai-variant-nexcorium-exploits-cve-2024-3721-to-hijack-tbk-dvrs-for-ddos-botnet

#malware #cybersecurity #vulnerability

0
0
0
15h ago

Bluesky

Ninja Owl @ninjaowl.ai

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
1
0
13h ago

Undercode Testing @undercode.bsky.social

Nexcorium Mirai Strikes TBK DVRs: How CVE-2024-3721 Fuels a New DDoS Botnet Apocalypse + Video Introduction: The convergence of legacy IoT devices and unpatched vulnerabilities has given rise to a new generation of botnets. Attackers are actively exploiting CVE-2024-3721 in TBK DVRs to deploy the…

0
0
0
18h ago

CVE-2025-0520

Overview

ShowDoc
ShowDoc

29 Apr 2025

Published

19 Nov 2025

Updated

CVSS v4.0

CRITICAL (9.4)

EPSS

2.03%

MITRE

KEV

Description

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7.

Statistics

3 Posts
3 Interactions

Last activity: 9 hours ago

Fediverse

Hackread.com @Hackread

📢⚠️ Hackers are exploiting a 5-year-old #ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide.

Read: https://hackread.com/showdoc-vulnerability-patch-2020-server-takeover/

#CyberSecurity #Vulnerability #CyberAttacks

0
0
1
9h ago

Bluesky

Hackread.com @hackread.bsky.social

📢⚠️ Hackers are exploiting a 5-year-old #ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide. Read: hackread.com/showdoc-vuln... #CyberSecurity #Vulnerability #CyberAttacks

1
2
0
9h ago

CVE-2026-39987

Overview

marimo-team
marimo

09 Apr 2026

Published

09 Apr 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

3.20%

MITRE

KEV

Description

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSocket endpoints (e.g., /ws) that correctly call validate_auth() for authentication, the /terminal/ws endpoint only checks the running mode and platform support before accepting connections, completely skipping authentication verification. This vulnerability is fixed in 0.23.0.

Statistics

3 Posts

Last activity: 7 hours ago

Fediverse

elhacker.NET @elhackernet

Atacantes aprovechan CVE-2026-39987 para difundir puerta trasera basada en blockchain mediante Hugging Face

https://blog.elhacker.net/2026/04/atacantes-aprovechan-cve-2026-39987.html

0
0
1
15h ago

ThreatNoir @threatnoir

⚠️ CRITICAL: Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Attackers are actively exploiting CVE-2026-39987, a critical RCE vulnerability in Marimo Python notebooks, to deploy NKAbuse malware hosted on Hugging Face. The malware acts as a RAT with credential theft and lateral movement capabilities. Exploitation started within 10 hours of disclosure across m…

https://threatnoir.com/focus

#infosec #cybersecurity

0
0
0
7h ago

CVE-2026-34197

Overview

Apache Software Foundation
Apache ActiveMQ Broker
org.apache.activemq:activemq-broker

07 Apr 2026

Published

17 Apr 2026

Updated

CVSS

Pending

EPSS

46.64%

MITRE

KEV

Description

Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations on all ActiveMQ MBeans (org.apache.activemq:*), including BrokerService.addNetworkConnector(String) and BrokerService.addConnector(String). An authenticated attacker can invoke these operations with a crafted discovery URI that triggers the VM transport's brokerConfig parameter to load a remote Spring XML application context using ResourceXmlApplicationContext. Because Spring's ResourceXmlApplicationContext instantiates all singleton beans before the BrokerService validates the configuration, arbitrary code execution occurs on the broker's JVM through bean factory methods such as Runtime.exec(). This issue affects Apache ActiveMQ Broker: before 5.19.4, from 6.0.0 before 6.2.3; Apache ActiveMQ All: before 5.19.4, from 6.0.0 before 6.2.3; Apache ActiveMQ: before 5.19.4, from 6.0.0 before 6.2.3. Users are recommended to upgrade to version 5.19.4 or 6.2.3, which fixes the issue

Statistics

1 Post
6 Interactions

Last activity: 14 hours ago

Fediverse

N_{Dario Fadda} @nuke

CISA Adds Apache ActiveMQ CVE-2026-34197 to KEV Catalog as Active Exploitation Surges
#CyberSecurity
https://securebulletin.com/cisa-adds-apache-activemq-cve-2026-34197-to-kev-catalog-as-active-exploitation-surges/

6
0
0
14h ago

CVE-2026-40342

Overview

FirebirdSQL
firebird

17 Apr 2026

Published

17 Apr 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

0.08%

MITRE

KEV

Description

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE FUNCTION privileges can use a crafted ENGINE name to load an arbitrary shared library from anywhere on the filesystem via path traversal. The library's initialization code executes immediately during loading, before Firebird validates the module, achieving code execution as the server's OS account. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.

Statistics

1 Post
4 Interactions

Last activity: 4 hours ago

Fediverse

Jernej Simončič � @jernej__s

Hey, @cR0w, another ../ for you: https://vuldb.com/cve/CVE-2026-40342

1
3
0
4h ago

CVE-2026-3055

Overview

NetScaler
ADC

23 Mar 2026

Published

31 Mar 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

55.71%

MITRE

KEV

Description

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Statistics

2 Posts
3 Interactions

Last activity: 8 hours ago

Fediverse

Javvad Malik :verified: @Javvad

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emergency list. If you run one, stop reading this and patch now.

https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26799

1
0
0
8h ago

Bluesky

Javvad Malik @j4vv4d.com

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emerg... https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26799

0
2
0
8h ago

CVE-2026-4368

Overview

NetScaler
ADC

23 Mar 2026

Published

24 Mar 2026

Updated

CVSS v4.0

HIGH (7.7)

EPSS

0.02%

MITRE

KEV

Description

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup

Statistics

2 Posts
3 Interactions

Last activity: 8 hours ago

Fediverse

Javvad Malik :verified: @Javvad

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emergency list. If you run one, stop reading this and patch now.

https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26799

1
0
0
8h ago

Bluesky

Javvad Malik @j4vv4d.com

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emerg... https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26799

0
2
0
8h ago

CVE-2025-4802

Overview

The GNU C Library
glibc

16 May 2025

Published

26 Feb 2026

Updated

CVSS

Pending

EPSS

0.04%

MITRE

KEV

Description

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).

Statistics

1 Post
1 Interaction

Last activity: 9 hours ago

Bluesky

0xor0ne @0xor0ne.bsky.social

Analysis of CVE-2025-4802: glibc 2.27-2.38 fails to sanitize LD_LIBRARY_PATH before dlopen() in statically linked SUID binaries, allowing arbitrary library loading and LPE. allelesecurity.com/libc-vuln-an... Infosec

0
1
0
9h ago

CVE-2024-36360

Overview

Keisuke Nakayama
awkblog

11 Jun 2024

Published

14 Mar 2025

Updated

CVSS

Pending

EPSS

2.49%

MITRE

KEV

Description

OS command injection vulnerability exists in awkblog v0.0.1 (commit hash:7b761b192d0e0dc3eef0f30630e00ece01c8d552) and earlier. If a remote unauthenticated attacker sends a specially crafted HTTP request, an arbitrary OS command may be executed with the privileges of the affected product on the machine running the product.

Statistics

1 Post
1 Interaction

Last activity: 19 hours ago

Fediverse

h12o @h12o

awkといえば、awkblogのOSコマンドインジェクションの脆弱性CVE-2024-36360 が公開されたのと、そのdiffが出たのとを見て、PoCを書いてみた思い出。

https://github.com/yammerjp/awkblog/issues/1

0
1
0
19h ago

CVE-2026-40494

Overview

HappySeaFox
sail

18 Apr 2026

Published

18 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.04%

MITRE

KEV

Description

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in `tga.c` has an asymmetric bounds check vulnerability. The run-packet path (line 297) correctly clamps the repeat count to the remaining buffer space, but the raw-packet path (line 305-311) has no equivalent bounds check. This allows writing up to 496 bytes of attacker-controlled data past the end of a heap buffer. Commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302 patches the issue.

Statistics

1 Post

Last activity: 21 hours ago

Fediverse

OffSequence @offseq

🚨 CRITICAL: CVE-2026-40494 in HappySeaFox sail (<45d48d1f2e8...) enables out-of-bounds write in TGA decoder. Heap overflow risk — update to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. No exploits seen yet. https://radar.offseq.com/threat/cve-2026-40494-cwe-787-out-of-bounds-write-in-happ-d7181ae5 #OffSeq #Vuln #AppSec

0
0
0
21h ago