563 matches found
PT-2026-43379
A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...
ThingsBoard 代码注入漏洞
ThingsBoard is a Java-based platform developed by the ThingsBoard team, used for monitoring, managing, and data collection of IoT devices. Versions of ThingsBoard 4.3.1.1 and earlier contained a code injection vulnerability. This vulnerability stemmed from improper handling of the...
CVE-2026-35469 affecting package docker-compose for versions less than 2.27.0-10
CVE-2026-35469 affecting package docker-compose for versions less than 2.27.0-10. A patched version of the package is available...
CLEANSTART-2026-FK40318 Security fixes for CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33747, CVE-2026-33748, CVE-2026-34040, CVE-2026-39882, CVE-2026-39883, ghsa-4c29-8rgm-jvjj, ghsa-4vrq-3vrq-g6gg, ghsa-hfvc-g4fc-pqhx, ghsa-p77j-4mvh-x3m3, ghsa-w8rr-5gcm-pp58 applied in versions: 5.1.0-r0
Multiple security vulnerabilities affect the docker-compose package. These issues are resolved in later releases. See references for individual vulnerability details...
Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
🚀 Automated Log4Shell CVE-2021-44228 Play & Plug Lab An aut...
SECpocs
Next.js React Server Components RCE Exploit Exploits CVE-2025...
Fedora 45 : docker-compose (2026-f5bc7ff320)
The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f5bc7ff320 advisory. Automatic update for docker-compose-5.1.3-1.fc45. Changelog Wed Apr 15 2026 Bradley G Smith - 5.1.3-1 - Update to release v5.1.3 - Resolves...
Exploit for Server-Side Request Forgery in Internlm Lmdeploy
CVE-2026-33626 — LMDeploy Vision-Language SSRF Lab Overvie...
PT-2026-39734
Name of the Vulnerable Software and Affected Versions SOCFortress CoPilot versions prior to 0.1.57 Description The application contains a hardcoded JSON Web Token JWT signing secret used as a fallback value in the backend/app/auth/utils.py file and the .env.example file. In deployments where the...
Exploit for Improper Input Validation in Postgresql
CVE-2018-1058 — PostgreSQL Search Path Demonstration This rep...
CVE-2026-39882 affecting package docker-compose for versions less than 2.27.0-9
CVE-2026-39882 affecting package docker-compose for versions less than 2.27.0-9. A patched version of the package is available...
CVE-2026-41930
Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...
vulnerability-lab
🔐 Vulnerability Lab Buffer Overflow + SQLi ⚠️ FOR EDUCATI...
aerobi-poc
Aerobi POC — Simulação local de monitoramento de câmeras Labo...
CVE-2026-41930
Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...
CVE-2026-41930
Vvveb
CVE-2026-41930 Vvveb < 1.0.8.2 Hard-coded Credentials Information Disclosure via phpMyAdmin
Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...
CVE-2026-41930
Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...
Vvveb 访问控制错误漏洞
Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.2 contained an access control vulnerability. This vulnerability stemmed from hard-coded credentials in the...
PT-2026-38219
Name of the Vulnerable Software and Affected Versions Vvveb versions prior to 1.0.8.2 Description A hard-coded credentials issue exists in the docker-compose-apache.yaml configuration. This allows unauthenticated attackers to access the bundled phpMyAdmin container using pre-configured database...