Lucene search
K

251 matches found

Cvelist
Cvelist
added 2026/03/19 1:44 p.m.23 views

CVE-2025-71258 BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 Blind SSRF in searchWeb

BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the searchWeb API component that allows authenticated attackers to cause the server to initiate arbitrary outbound requests. Attackers can exploit improper URL validation to...

5.3CVSS0.1743EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/03/12 4:33 p.m.136 views

VulnEye---Lightweight-Vulnerability-Scanner

VulnEye - Lightweight Vulnerability Scanner VulnEye is a modu...

5.9AI score
Exploits0
NVD
NVD
added 2026/02/12 9:16 p.m.7 views

CVE-2026-26005

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 45, in Clip Bucket V5, The Remote Play allows creating video entries that reference external video URLs without uploading the video files to the server. However, by specifying an internal network host in the video URL, an SS...

5CVSS0.00233EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/12 8:34 p.m.32 views

CVE-2026-26005 ClipBucket v5 enables internal network scans via an SSRF vulnerability

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 45, in Clip Bucket V5, The Remote Play allows creating video entries that reference external video URLs without uploading the video files to the server. However, by specifying an internal network host in the video URL, an SS...

5CVSS0.00233EPSS
Exploits1References2
OSV
OSV
added 2026/02/12 8:34 p.m.5 views

CVE-2026-26005 ClipBucket v5 enables internal network scans via an SSRF vulnerability

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 45, in Clip Bucket V5, The Remote Play allows creating video entries that reference external video URLs without uploading the video files to the server. However, by specifying an internal network host in the video URL, an SS...

5CVSS5.6AI score0.00233EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/10 10:16 p.m.8 views

CVE-2026-25870

DoraCMS version 3.1 and prior contains a server-side request forgery SSRF vulnerability in its UEditor remote image fetch functionality. The application accepts user-supplied URLs and performs server-side HTTP or HTTPS requests without sufficient validation or destination restrictions. The...

6.9CVSS6AI score0.00298EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/01/14 5:52 p.m.187 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

⚡ Pentest Automation !Versionhttps://img.shields.io/badg...

10CVSS9.2AI score0.99999EPSS
Exploits351
NVD
NVD
added 2026/01/07 6:15 p.m.5 views

CVE-2025-58441

Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, there is a blind server-side request forgery vulnerability. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact o...

6.5CVSS0.00163EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 5:16 p.m.5 views

CVE-2025-58441 Knowage is vulnerable to blind server-side request forgery (SSRF)

Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, there is a blind server-side request forgery vulnerability. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact o...

6.3CVSS6.8AI score0.00163EPSS
Exploits0References3
NVD
NVD
added 2026/01/07 5:15 p.m.16 views

CVE-2025-12543

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without...

9.6CVSS0.01179EPSS
Exploits0References16
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.3 views

Knowage 代码问题漏洞

Knowage is an open source suite for modern business analytics on legacy resources and big data systems from Knowage, Italy. A code issue vulnerability exists in Knowage versions prior to 8.1.37, which stems from the presence of blind server-side request forgery that could lead an attacker to scan...

6.5CVSS6.8AI score0.00163EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/01/03 12:39 p.m.155 views

SecurityAnalystTasks

SecurityAnalystTasks This repository contains hands-on cyberse...

8.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/02 12:0 a.m.9 views

Evil-M5Project WiFi Exploration Tool

This is the latest archive as of 2025/01/02 of the Evil-M5Project, an innovative tool developed for ethical testing and exploration of WiFi networks. It harnesses the power of the M5Core2 device to scan, monitor, and interact with WiFi networks in a controlled environment. This project is designe...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/24 4:40 p.m.180 views

VScanX

VScanX - Ethical Vulnerability Scanner !Versionhttps://img...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2025/11/25 6:27 p.m.170 views

Reporttool

Reporttool A versatile report and attack tool that can carry o...

7.5AI score
Exploits0
EUVD
EUVD
added 2025/11/14 11:41 p.m.2 views

EUVD-2025-197664

Brightpick Mission Control discloses device telemetry, configuration, and credential information via WebSocket traffic to unauthenticated users when they connect to a specific URL. The unauthenticated URL can be discovered through basic network scanning techniques...

8.6CVSS6.3AI score0.00182EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2025/10/21 7:31 p.m.307 views

Exploit for CVE-2025-12654

AnyDesk Exploit AnyDesk, remote access software, has faced se...

9.8CVSS7.8AI score0.80551EPSS
Exploits9
RedhatCVE
RedhatCVE
added 2025/10/15 7:38 p.m.9 views

CVE-2025-59051

The FreePBX Endpoint Manager module includes a Network Scanning feature that provides web-based access to nmap functionality for network device discovery. In Endpoint Manager 16 before 16.0.92 and 17 before 17.0.6, insufficiently sanitized user-supplied input allows authenticated OS command...

8.6CVSS7AI score0.00649EPSS
Exploits0References1
NVD
NVD
added 2025/10/14 8:15 p.m.16 views

CVE-2025-59051

The FreePBX Endpoint Manager module includes a Network Scanning feature that provides web-based access to nmap functionality for network device discovery. In Endpoint Manager 16 before 16.0.92 and 17 before 17.0.6, insufficiently sanitized user-supplied input allows authenticated OS command...

8.6CVSS0.00649EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/10/14 7:15 p.m.7 views

CVE-2025-59051

The FreePBX Endpoint Manager module includes a Network Scanning feature that provides web-based access to nmap functionality for network device discovery. In Endpoint Manager 16 before 16.0.92 and 17 before 17.0.6, insufficiently sanitized user-supplied input allows authenticated OS command...

8.6CVSS5.8AI score0.00649EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder