No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

Researcher reported the vuln in March. Maintainers haven't responded to his messages since ...
The Hacker News

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The ...
CSO Online

HP Poly VoIP vulnerability sets the stage for executive voice deepfakes

The remote code execution flaw enables root access and voice attacks on HP Poly VoIP phones, including eavesdropping and the ...
SecurityWeek

Gogs Zero-Day Exposes Servers to Remote Code Execution

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.

Root Evidence Research Finds Only 1.4% of Vulnerabilities Are Known to Be Exploited in Real-World Attacks

Root Evidence, the cybersecurity startup championing evidence-based security, today released new research showing that the cybersecurity industry’s current approach to vulnerability management is ...
GitHub

motioneye_auth_rce_cve_2025_60787.rb

This module exploits a template injection vulnerability in the MotionEye Frontend. MotionEye Frontend versions 0.43.1b4 and prior are vulnerable to OS Command Injection in configuration parameters ...
Hosted on MSN

Alvaro Arbeloa cancels his final press conference as Real Madrid coach

Alvaro Arbeloa cancelled his final post-match press conference as the head coach of Real Madrid after their 4-2 win over Athletic Club on Saturday. Arbeloa did not speak to the crowd the way Carlo ...
GitHub

0x09AL/CVE-2017-11882-metasploit

This module is a quick port to Metasploit and uses mshta.exe to execute the payload. There are better ways to implement this module and exploit but will update it as soon as I have the time.