Lucene search
K

58895 matches found

Nuclei
Nuclei
added 14 hours ago35 views

DataEase - Remote Code Execution

DataEase is an open-source business intelligence and data visualization platform. Public advisories state that CVE-2025-49002 is related to a bypass in the previous fix for CVE-2025-32966 involving case-insensitive handling of restricted H2 JDBC keywords. This template is a non-invasive detection...

9.8CVSS6.1AI score0.43192EPSS
Exploits2References2
Nuclei
Nuclei
added yesterday114 views

Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection

Lantronix PremierWave 2050 8.9.0.0R4 contains an OS command injection vulnerability. A specially-crafted HTTP request can lead to command in the Web Manager Wireless Network Scanner. An attacker can make an authenticated HTTP request to trigger this vulnerability. id: CVE-2021-21881 info: name:...

9.9CVSS7AI score0.37064EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2 days ago4 views

Linux Distros Unpatched Vulnerability : CVE-2026-14461

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger th...

5.1CVSS6.1AI score0.00303EPSS
Exploits0References3
Metasploit
Metasploit
added 5 days ago12 views

FTP Fetch, Linux Command Shell, Bind TCP Random Port Inline

Fetch and execute an x64 payload from an FTP server. Listen for a connection in a random port and spawn a command shell. Use nmap to discover the open port: 'nmap -sS target -p-'. Module Options msf use payload/cmd/linux/ftp/x64/shellbindtcprandomport msf payloadshellbindtcprandomport show action...

6.2AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 6 days ago11 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 29, 2026 to July 5, 2026)

Last week, there were 250 vulnerabilities disclosed in 181 WordPress Plugins and 41 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 101 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabiliti...

6.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 6 days ago4 views

openSUSE 16: clamav / clamav-devel / clamav-milter / libclamav12 / etc (openSUSE-SU-2026:21252-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21252-1 advisory. Update to version 1.5.3. Security issues fixed: - CVE-2026-20213: out-of-bounds write due to improper boundary checks for content in PE files...

9.2CVSS6.2AI score0.00463EPSS
Exploits0References24
Cvelist
Cvelist
added 2026/07/08 3:23 p.m.33 views

CVE-2026-59874 node-tar: Negative tar entry size causes infinite loop in archive replace

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.18, tar.replace accepts a checksum-valid tar header with a negative base-256 encoded entry size, causing the archive scanner to make no progress while repeatedly parsing the same header. This issue is fixed in version 7.5.18...

8.7CVSS0.00358EPSS
Exploits1References3
Fedora
Fedora
added 2026/07/08 1:11 a.m.6 views

[SECURITY] Fedora 43 Update: betterleaks-1.6.0-1.fc43

A Better Secrets Scanner built for configurability and speed...

7.5CVSS5.9AI score0.00939EPSS
Exploits0
Fedora
Fedora
added 2026/07/08 12:58 a.m.6 views

[SECURITY] Fedora 44 Update: betterleaks-1.6.0-1.fc44

A Better Secrets Scanner built for configurability and speed...

7.5CVSS5.9AI score0.00939EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.6 views

BeyondTrust Remote Support (RS) < 25.3.3 Multiple Vulnerabilities (BT26-03)

The version of BeyondTrust Remote Support RS running on the remote host is prior to 25.3.3. It is, therefore, affected by multiple vulnerabilities, including: - A critical pre-authentication vulnerability in the authentication subsystem. Improper validation of authentication data may allow a...

9.9CVSS6.2AI score0.00653EPSS
Exploits0References5
Fedora
Fedora
added 2026/07/07 1:11 a.m.19 views

[SECURITY] Fedora 43 Update: clamav-1.4.5-1.fc43

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

6AI score
Exploits0
Fedora
Fedora
added 2026/07/06 3:10 p.m.22 views

[SECURITY] Fedora 43 Update: rust-wayland-scanner-0.31.10-3.fc43

Wayland Scanner for generating rust APIs from XML wayland protocol files...

5.9AI score
Exploits0
Fedora
Fedora
added 2026/07/06 2:55 p.m.33 views

[SECURITY] Fedora 44 Update: rust-wayland-scanner-0.31.10-3.fc44

Wayland Scanner for generating rust APIs from XML wayland protocol files...

5.9AI score
Exploits0
OSV
OSV
added 2026/07/06 3:6 a.m.6 views

MAL-2026-6795 Malicious code in zod-pino444 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 560c3d47344d4da5dffac230236b5248d2f1856c221ffac7ff72d4e3b197957b Package [email protected] is a credential/secret harvester disguised behind a benign-sounding name. scripts/postinstall-agent.mjs is a...

6AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2018-25282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential...

6.9CVSS6AI score0.00121EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/04 3:11 a.m.6 views

Deserialization of Untrusted Data

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the numpy.f2py.crackfortran process. An attacker can execute arbitrary code by crafting malicious pickle...

8.1CVSS6.2AI score0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/04 1:23 a.m.36 views

CVE-2025-71347 picklescan - Undetected Remote Code Execution via numpy.f2py.crackfortran.param_eval

picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py.crackfortran.parameval function in reduce methods, allowing attackers to bypass security checks. Remote attackers can embed undetected code in pickle files that executes during deserialization, enabling arbitrary cod...

8.1CVSS0.00445EPSS
Exploits0References2
OSV
OSV
added 2026/07/04 1:23 a.m.4 views

CVE-2025-71345 picklescan - Arbitrary Code Execution via torch.utils.bottleneck.__main__.run_autograd_prof

picklescan before 0.0.30 fails to detect malicious pickle files that invoke torch.utils.bottleneck.main.runautogradprof function. Attackers can embed undetected code in pickle files that executes during deserialization, enabling remote code execution...

7.6CVSS6.2AI score0.00427EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-14604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file...

6.5CVSS6.2AI score0.00233EPSS
Exploits0References4
Snyk
Snyk
added 2026/07/03 10:19 p.m.7 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper error handling in the pre-receive process when processing input with bufio.Scanner. An attacker can bypass branch-protection checks by submitting oversized input that triggers scanner errors...

9.8CVSS6AI score0.00472EPSS
Exploits0References2
Rows per page
Query Builder