Lucene search
+L

71 matches found

NVD
NVD
added 4 days ago8 views

CVE-2026-15627

A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...

5.3CVSS0.00246EPSS
Exploits0References7
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-43616

A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...

5.3CVSS5.9AI score0.00246EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 9:24 a.m.2 views

CVE-2026-45844 netfilter: arp_tables: fix IEEE1394 ARP payload parsing

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.11 views

OpenHarness 安全漏洞

OpenHarness is a lightweight development and runtime framework for Data Intelligence Lab@HKU, open-source in nature. OpenHarness has a security vulnerability, which stems from the lack of target address validation in the webFetch and webSearch tools. This vulnerability may lead to server-side...

8.3CVSS5.8AI score0.0018EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/03/12 5:18 p.m.134 views

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

Usages: python3 ex...

9.8CVSS5.8AI score0.83428EPSS
Exploits12
Cvelist
Cvelist
added 2026/02/27 9:44 p.m.28 views

CVE-2026-28415 Gradio has Open Redirect in OAuth Flow

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the redirecttotarget function in Gradio's OAuth flow accepts an unvalidated targeturl query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback...

4.3CVSS0.00232EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/29 2:28 p.m.8 views

EUVD-2020-30913

Ajenti 2.1.36 contains an authentication bypass vulnerability that allows remote attackers to execute arbitrary commands after successful login. Attackers can leverage the /api/terminal/create endpoint to send a netcat reverse shell payload targeting a specified IP and port...

9.8CVSS6.2AI score0.00653EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.11 views

Squidex code-related vulnerabilities

Squidex is an open-source content management system developed by Squidex. Versions of Squidex 7.21.0 and earlier had code vulnerabilities. These vulnerabilities stemmed from insufficient validation of URL parameters in Webhook configurations, or lack of restrictions on the target IP address, whic...

9.1CVSS5.9AI score0.0042EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/01/16 12:26 a.m.6 views

SUSE CVE-2025-71139

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area Bug description When I tested kexec with the latest kernel, I ran into the following warning: 40.712410 ------------ cut here ------------ 40.712576 WARNING: CPU: 2 PID:...

5.5CVSS6.5AI score0.00102EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2025/12/04 8:4 a.m.429 views

Exploit for Prototype Pollution in Datatables Datatables.Net

CVE-2020-28458 Affected versions of this package are vulnerabl...

7.5CVSS7AI score0.0367EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/11/18 5:57 p.m.214 views

Snitch__Scan

PoC exploit for XSS Vulnerability Scanner. This tool is designed...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/16 12:0 a.m.10 views

PT-2025-47088

Name of the Vulnerable Software and Affected Versions Ascertia SigningHub versions through 8.6.8 Description A lack of rate limiting on the invite user function allows for an email bombing attack. An authenticated attacker can automate invite requests to a target email address. Recommendations...

4.3CVSS6.5AI score0.00321EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2025/10/22 9:41 p.m.291 views

Exploit for Path Traversal in Wordpress

Как пользоваться Сохраните файл как checkcve-20...

6.1CVSS7AI score0.79527EPSS
Exploits7
Fedora
Fedora
added 2025/10/09 12:51 a.m.8 views

[SECURITY] Fedora 42 Update: turbo-attack-0.1.0-4.fc42

A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port...

6.5CVSS6.9AI score0.00489EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-11667

Malware in sbrugna...

7.5CVSS7.5AI score0.00542EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-11666

Malware in sbrugna...

7.5CVSS7.6AI score0.00542EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/09/29 4:47 a.m.13 views

CVE-2025-11096

A flaw has been found in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/diagtraceroute. Executing manipulation of the argument targetaddr can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

8.8CVSS6.8AI score0.04125EPSS
Exploits1References1
OSV
OSV
added 2025/09/28 5:15 a.m.4 views

CVE-2025-11096

A flaw has been found in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/diagtraceroute. Executing manipulation of the argument targetaddr can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

8.8CVSS5.6AI score0.04125EPSS
Exploits1References5
NVD
NVD
added 2025/09/28 5:15 a.m.6 views

CVE-2025-11096

A flaw has been found in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/diagtraceroute. Executing manipulation of the argument targetaddr can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

8.8CVSS0.04125EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/28 4:32 a.m.4 views

CVE-2025-11096 D-Link DIR-823X diag_traceroute command injection

A flaw has been found in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/diagtraceroute. Executing manipulation of the argument targetaddr can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

6.5CVSS6.7AI score0.04125EPSS
Exploits1References5
Rows per page
Query Builder