Lucene search
+L

5278 matches found

GithubExploit
GithubExploit
added 2026/05/09 8:16 p.m.135 views

erebus

EREBUS Web application security assessment framework. For...

6.2AI score
Exploits0
Snyk
Snyk
added 2026/05/08 6:32 a.m.10 views

Cross-site Scripting (XSS)

Overview org.opencms:opencms-core is a Java open source content management system by Alkacon Software. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the cmis-online/type process. An attacker can execute arbitrary scripts in the context of a user's browser by...

6.1CVSS5.9AI score0.0059EPSS
Exploits0References2
HackRead
HackRead
added 2026/05/06 9:40 a.m.9 views

Application Security Strategies Are Changing as AI-generated Code Floods the SDLC

AI-generated code is changing AppSec workflows, forcing teams to rethink SDLC security, dependency checks, code review, and risk prioritization...

5.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/05 9:41 a.m.9 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses logback-core-1.5.21.jar which is vulnerable to CVE-2026-1225

Summary IBM Maximo Application Suite - Visual Inspection component uses logback-core-1.5.21.jar which is vulnerable to CVE-2026-1225, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in...

1.8CVSS5.7AI score0.00159EPSS
Exploits0Affected Software1
HackRead
HackRead
added 2026/05/04 10:55 a.m.12 views

Cyber-Secure Philanthropy: Tech Infrastructure for Global Donations

Secure philanthropy needs hardened payments, API security, and compliance controls to protect global donations from fraud and attacks...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/22 9:54 p.m.110 views

Web-Application-Pentest-Report

Web-Application-Pentest-Report OWASP methodology penetration t...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.10 views

WeKan 安全漏洞

WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to 8.35 contained security vulnerabilities. These vulnerabilities stemmed from insufficient authorization checks for Integration REST API endpoints, which could allow authenticated dashboard members to perfo...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 7:23 p.m.3 views

EUVD-2026-20641

monetr: Protected Transactions Deletable via PUT...

5.7CVSS5.9AI score0.00292EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.10 views

OWASP CRS 安全漏洞

OWASP CRS is a set of open-source attack detection rules developed by the CRS Project. Versions prior to OWASP CRS 3.3.9 and 4.25.0 contained security vulnerabilities. These vulnerabilities stemmed from the lack of standardization in file extension checks for spaces, which could lead to bypassing...

7.5CVSS5.8AI score0.02172EPSS
Exploits0References8
HackRead
HackRead
added 2026/04/01 10:45 a.m.7 views

Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 in Global VM & AppSec

New York, New York, April 1st, 2026, CyberNewswire...

5.8AI score
Exploits0
Akamai Blog
Akamai Blog
added 2026/03/27 12:0 p.m.7 views

Extend Application Security Visibility from Code to Runtime

...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/03/26 11:4 a.m.183 views

AppSec-Penetration-Testing-Lab

🔐 AppSec Penetration Testing Lab A hands-on application sec...

6.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/24 8:4 p.m.5 views

CVE-2026-21790

HCL Traveler is susceptible to a weak default HTTP header validation vulnerability, which could allow an attacker to bypass additional authentication checks...

6.3CVSS5.8AI score0.0015EPSS
Exploits0References2Affected Software1
Imperva Blog
Imperva Blog
added 2026/03/23 4:58 p.m.6 views

Securing Applications Anywhere: Breaking Down the Wall of Confusion

Application development has changed dramatically. Enterprises now release software faster, operate more digital services, and deploy applications across a mix of public cloud, private cloud, APIs, containers, and on-premises infrastructure. As application delivery has accelerated and architecture...

5.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.10 views

PT-2026-25597

Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application...

4.8CVSS5.8AI score0.00084EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/04 9:45 p.m.5 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the getDynamicIcon endpoint when attacker-controlled input is embedded into SVG output without proper sanitization. An attacker can execute arbitrary JavaScript in the context of the web application by...

9.3CVSS7.3AI score0.00625EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.6 views

Fedora 43 : python-django5 (2026-3adb735295)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3adb735295 advisory. - Fixes CVE-2025-13473: Username enumeration through timing difference in modwsgi authentication handler - Fixes CVE-2025-14550: Potential...

8.5CVSS6AI score0.09436EPSS
Exploits2References7
HackRead
HackRead
added 2026/03/03 2:0 p.m.9 views

Archipelo and Checkmarx Announce Partnership Connecting AppSec Detection with DevSPM

San Francisco, CA, United States, 3rd March 2026, CyberNewswire...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.9 views

ZoneMinder 安全漏洞

ZoneMinder is an open-source video monitoring software system developed by ZoneMinder. This system supports IP, USB, and analog cameras. Version 1.36.34 of ZoneMinder contains a security vulnerability. This vulnerability stems from user input that is passed directly into the exec function in...

9.8CVSS5.8AI score0.01649EPSS
Exploits2References2
HackRead
HackRead
added 2026/02/17 3:29 p.m.7 views

CredShields Contributes to OWASP’s 2026 Smart Contract Security Priorities

SINGAPORE, Singapore, 17th February 2026, CyberNewswire...

5.4AI score
Exploits0
Rows per page
Query Builder