Lucene search

239 matches found

EUVD
added yesterday, 7 views

EUVD-2026-38198

A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...

CVSS 5.1 | AI score 5.3
Exploits: 0 | References: 5

NVD
added 2 days ago, 6 views

CVE-2026-12812

A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...

CVSS 5.1
Exploits: 0 | References: 4

Cvelist
added 2 days ago, 18 views

CVE-2026-12812 Radware Cyber Controller HTML Report Generation HTML injection

A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...

CVSS 5.1
Exploits: 0 | References: 4

CVE
added 2 days ago, 16 views

CVE-2026-12812

Radware Cyber Controller (up to 10.11.0) is affected in the HTML Report Generation component, with HTML injection due to the underlying issue. The vulnerability allows remote exploitation, and the exploit has been publicly disclosed. No remediation details are provided in the documents. Affected ...

CVSS 5.1 | AI score 5.3
Exploits: 0 | References: 4

GithubExploit
added 2026/06/14 7:26 p.m., 70 views

VulnPilot

VulnPilot VulnPilot is an automation framework for vulnerabil...

AI score 5.4
Exploits: 0

GithubExploit
added 2026/06/12 8:52 p.m., 62 views

webstrike-framework

WebStrike — Automated Web Pentesting Framework Created by...

AI score 5.6
Exploits: 0

Vulnrichment
added 2026/06/09 12:21 a.m., 8 views

CVE-2026-44751 Missing Authorization check in Application Server ABAP of SAP NetWeaver and ABAP Platform

Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with...

CVSS 7.1 | AI score 5.6 | EPSS 0.00206
Exploits: 0 | References: 2

ATTACKERKB
added 2026/06/09 12:21 a.m., 10 views

CVE-2026-44751

Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with...

CVSS 7.1 | AI score 5.6 | EPSS 0.00206
Exploits: 0 | References: 3

CVE
added 2026/06/09 12:21 a.m., 45 views

CVE-2026-44751

CVE-2026-44751 affects the SAP NetWeaver ABAP Platform/application server ABAP. The issue is a missing authorization check for authenticated users, enabling a user to execute a report generation command and potentially overwrite another user’s information, resulting in privilege escalation. Impac...

CVSS 7.1 | AI score 5.6 | EPSS 0.00206
Exploits: 0 | References: 2

EUVD
added 2026/06/09 12:21 a.m., 8 views

EUVD-2026-35285

Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with...

CVSS 7.1 | AI score 5.6 | EPSS 0.00206
Exploits: 0 | References: 2

Cvelist
added 2026/06/09 12:21 a.m., 36 views

CVE-2026-44751 Missing Authorization check in Application Server ABAP of SAP NetWeaver and ABAP Platform

Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with...

CVSS 7.1 | EPSS 0.00206
Exploits: 0 | References: 2

Positive Technologies
added 2026/06/09 12:0 a.m., 12 views

PT-2026-47536

Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with...

CVSS 7.1 | AI score 5.6 | EPSS 0.00206
Exploits: 0 | References: 3

CNNVD
added 2026/06/09 12:0 a.m., 12 views

SAP NetWeaver ABAP Platform Security Vulnerability

SAP NetWeaver ABAP Platform is an integrated technology platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver ABAP Platform, which stems from the lack of necessary authorization checks for authenticated users. This vulnerability could allow attackers to...

CVSS 7.1 | AI score 5.5 | EPSS 0.00206
Exploits: 0 | References: 1

NVD
added 2026/05/21 6:16 p.m., 9 views

CVE-2026-48246

Open ISES Tickets before 3.44.2 disables TLS certificate verification in ajax/reports.php by setting CURLOPT_SSL_VERIFYPEER to false and not setting CURLOPT_SSL_VERIFYHOST when issuing outbound HTTPS requests for Google Maps Directions API lookups during incident report generation. An attacker...

CVSS 8.2 | EPSS 0.00169
Exploits: 0 | References: 3

CVE
added 2026/05/21 5:11 p.m., 15 views

CVE-2026-48246

CVE-2026-48246 affects Open ISES Tickets prior to version 3.44.2. The issue is that TLS certificate verification is disabled for outbound HTTPS requests in ajax/reports.php by setting CURLOPT_SSL_VERIFYPEER to false and not configuring CURLOPT_SSL_VERIFYHOST during Google Maps Directions API look...

CVSS 8.2 | AI score 5.9 | EPSS 0.00169
Exploits: 0 | References: 3

EUVD
added 2026/05/21 5:11 p.m., 8 views

EUVD-2026-31327

Open ISES Tickets before 3.44.2 disables TLS certificate verification in ajax/reports.php by setting CURLOPT_SSL_VERIFYPEER to false and not setting CURLOPT_SSL_VERIFYHOST when issuing outbound HTTPS requests for Google Maps Directions API lookups during incident report generation. An attacker...

CVSS 8.2 | AI score 5.9 | EPSS 0.00169
Exploits: 0 | References: 3

Positive Technologies
added 2026/05/21 12:0 a.m., 7 views

PT-2026-42524

Open ISES Tickets before 3.44.2 disables TLS certificate verification in ajax/reports.php by setting CURLOPT_SSL_VERIFYPEER to false and not setting CURLOPT_SSL_VERIFYHOST when issuing outbound HTTPS requests for Google Maps Directions API lookups during incident report generation. An attacker...

CVSS 8.2 | AI score 5.9 | EPSS 0.00169
Exploits: 0 | References: 4

GithubExploit
added 2026/05/15 8:19 p.m., 71 views

Vulnerability-Scanner-using-Ollama-3-

Vulnerability Scanning & Exploitation Toolkit A Python-based...

CVSS 9.8 | AI score 7.3 | EPSS 0.99992
Exploits: 146

GithubExploit
added 2026/05/15 8:29 a.m., 69 views

X-Omega-Hack

X-Omega-Hack X-Omega-Hack v9.0 - All-in-one hacking tool for...

AI score 5.8
Exploits: 0

GithubExploit
added 2026/05/09 8:16 p.m., 85 views

erebus

EREBUS Web application security assessment framework. For...

AI score 6.2
Exploits: 0