5094 matches found
CVE-2026-46391
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 9.0.1 and prior to version 26.0.0 of @haxtheweb/open-apis, multiple functions conduct substring-only matching to validate hostnames to which basic authorization should be sent. An attacker can append the...
Kernel-Exploit-Dojo-499
Kernel-Exploit-Dojo-499 CTF kernel exploitation notes, PoCs,...
Kernel-Exploit-Dojo-283
Kernel-Exploit-Dojo-283 CTF kernel exploitation notes, PoCs,...
CVE-2026-8608
The Event Monster – Event Management, Events Calendar, Tickets plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in versions up to, and including, 2.1.0. This is due to the capturepayment AJAX handler registered via wpajaxnoprivemcapturepayment trusting...
CVE-2026-8608 Event Monster <= 2.1.0 - Unauthenticated Insufficient Verification of Data Authenticity to Payment Bypass via em_capture_payment AJAX Action
The Event Monster – Event Management, Events Calendar, Tickets plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in versions up to, and including, 2.1.0. This is due to the capturepayment AJAX handler registered via wpajaxnoprivemcapturepayment trusting...
CVE-2026-8608 Event Monster <= 2.1.0 - Unauthenticated Insufficient Verification of Data Authenticity to Payment Bypass via em_capture_payment AJAX Action
The Event Monster – Event Management, Events Calendar, Tickets plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in versions up to, and including, 2.1.0. This is due to the capturepayment AJAX handler registered via wpajaxnoprivemcapturepayment trusting...
CVE-2026-7785
A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quickcapture of the file pysharkmcp.py. The manipulation results in os command injection. The attack may be launched...
CVE-2026-46391 HAX open-apis: Credential Theft via Server-Side Request Forgery (SSRF) in open-apis
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 9.0.1 and prior to version 26.0.0 of @haxtheweb/open-apis, multiple functions conduct substring-only matching to validate hostnames to which basic authorization should be sent. An attacker can append the...
GHSA-P462-PRXW-MJX4 NASA AMMOS Instrument Toolkit: Path traversal resulting in arbitrary file append (can be triggered over the network by unauthenticated attacker)
Summary The Binary Stream Capture BSC component exposes an unauthenticated HTTP API for dynamically creating packet capture “handlers.” Because the code blindly trusts path‑related form fields, a remote client can: - Bypass the configured log root and direct BSC to log to arbitrary filesystem...
NASA AMMOS Instrument Toolkit: Path traversal resulting in arbitrary file append (can be triggered over the network by unauthenticated attacker)
Summary The Binary Stream Capture BSC component exposes an unauthenticated HTTP API for dynamically creating packet capture “handlers.” Because the code blindly trusts path‑related form fields, a remote client can: - Bypass the configured log root and direct BSC to log to arbitrary filesystem...
Chromium: CVE-2026-11296 Inappropriate implementation in ImageCapture
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-34416
Use after free in SurfaceCapture in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-11296
Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-11296
Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
PT-2026-47089
Summary The Binary Stream Capture BSC component exposes an unauthenticated HTTP API for dynamically creating packet capture “handlers.” Because the code blindly trusts path‑related form fields, a remote client can: - Bypass the configured log root and direct BSC to log to arbitrary filesystem...
FIFOFox: Windows Named-Pipe Security Auditor and Fuzzer
FIFOFox is a Windows named-pipe security assessment tool for identifying weak pipe permissions, pipe-squatting exposure, and named-pipe impersonation attack paths. It combines passive auditing with authorized active testing, including fuzzing and interception-style capture, to help defenders find...
DEBIAN-CVE-2026-10967
Use after free in SurfaceCapture in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-11296
Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11296
Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-10967
Use after free in SurfaceCapture in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...