Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

GithubExploit
GithubExploitadded 2026/03/04 1:34 p.m.134 views

Exploit for CVE-2016-10555

██╗██╗ ██╗████████╗ ███████╗ ██████╗ ██████╗ ███...

6.5CVSS6.1AI score0.04898EPSS
Exploits2
Circl
Circladded 2025/11/24 5:28 p.m.7 views

CVE-2025-10555

creationtimestamp| type| source ---|---|--- 2025-11-24 17:28:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6fdzsklmx2w...

8.7CVSS5.8AI score0.00199EPSS
Exploits0References1
OSV
OSVadded 2024/12/20 6:15 a.m.2 views

CVE-2024-10555

The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisit...

4.8CVSS5.8AI score0.00315EPSS
Exploits1References1
CVE
CVEadded 2024/12/20 6:0 a.m.50 views

CVE-2024-10555

CVE-2024-10555 affects the MaxButtons WordPress Button Plugin (MaxButtons) for versions prior to 9.8.1. The issue arises because certain plugin settings are not properly sanitised/escaped, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (such as ...

4.8CVSS5.4AI score0.00315EPSS
Exploits1References1Affected Software1
Circl
Circladded 2023/08/02 10:0 a.m.9 views

CVE-2016-10555

creationtimestamp| type| source ---|---|--- 2023-08-02 10:00:03+00:00| seen| https://t.me/ptsoft/21 2023-08-02 10:00:03+00:00| seen| https://t.me/ptsoft/12 2025-01-28 13:54:03+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/11760 2025-02-05 19:34:25+00:00| published-proof-of-concept...

6.5CVSS7AI score0.04898EPSS
Exploits2References5
CVE
CVEadded 2019/12/12 8:30 a.m.58 views

CVE-2019-10555

CVE-2019-10555 is a buffer overflow affecting Qualcomm Snapdragon line devices (across Snapdragon Auto/Compute/Consumer Electronics Connectivity/IoT/Industrial IoT/Mobile/Wearables) via incorrect datatype usage and missing length checks when copying into buffers. Affected components are broadly i...

7.8CVSS8.1AI score0.00188EPSS
Exploits0References1Affected Software1
vulnersOsv
vulnersOsvadded 2018/11/06 11:12 p.m.2 views

@sysdoc/sysdoc-web-stack (=1.0.0), ac-koa-hipchat (>=0.1.0 <=0.2.20) +182 more potentially affected by CVE-2016-10555 via jwt-simple (>=0.1.0 <=0.3.0)

jwt-simple NPM version =0.1.0, =0.1.0, =0.1.0, =1.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.7, =0.2.12, =0.5.3, =0.1.0, =0.0.2, =1.1.1, =1.3.1 and more Source cves: CVE-2016-10555 Source advisory: OSV:GHSA-VGRX-W6RG-8FQF...

6.5CVSS6.7AI score0.04898EPSS
Exploits2
Cvelist
Cvelistadded 2018/05/31 8:0 p.m.25 views

CVE-2016-10555

Since "algorithm" isn't enforced in jwt.decodein jwt-simple 0.3.0 and earlier, a malicious user could choose what algorithm is sent sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key...

6.3AI score0.04898EPSS
Exploits2References4
CVE
CVEadded 2018/05/31 8:0 p.m.50 views

CVE-2016-10555

The CVE-2016-10555 issue affects the jwt-simple library (Node.js). It arises because jwt.decode() does not strictly enforce the algorithm, allowing a malicious user to choose the JWT verification algorithm. If a server expects RSA but receives an HMAC-SHA with RSA’s public key, the public key cou...

6.5CVSS6.2AI score0.04898EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder