Lucene search
+L

7 matches found

githubexploit
githubexploit
added 2026/04/18 10:5 a.m.210 views

Exploit for Improper Input Validation in Python

CVE-2023-24329 — Parser Differential Lab Educational use...

7.5CVSS7AI score0.20459EPSS
Exploits3
osv
osv
added 2026/03/27 8:39 p.m.7 views

CVE-2026-33885 Statamic has an Open Redirect on unauthenticated endpoints via URL parsing differential

Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, the external URL detection used for redirect validation on unauthenticated endpoints could be bypassed, allowing users to be redirected to external URLs after actions like form submissions an...

6.1CVSS5.7AI score0.00177EPSS
Exploits0References3
nvd
nvd
added 2026/01/27 10:15 p.m.10 views

CVE-2026-24779

vLLM is an inference and serving engine for large language models LLMs. Prior to version 0.14.1, a Server-Side Request Forgery SSRF vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The loadfromurl and loadfromurlasync methods obtain and process...

7.1CVSS0.00528EPSS
Exploits1References14
cvelist
cvelist
added 2026/01/27 10:1 p.m.28 views

CVE-2026-24779 vLLM vulnerable to Server-Side Request Forgery (SSRF) in `MediaConnector`

vLLM is an inference and serving engine for large language models LLMs. Prior to version 0.14.1, a Server-Side Request Forgery SSRF vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The loadfromurl and loadfromurlasync methods obtain and process...

7.1CVSS0.00528EPSS
Exploits1References3
cve
cve
added 2026/01/27 10:1 p.m.25 views

CVE-2026-24779

CVE-2026-24779 is an SSRF vulnerability in vLLM’s MediaConnector. Before version 0.14.1, load_from_url and load_from_url_async fetch media from user-supplied URLs and validate via Python urllib urlparse, while the request is issued with requests/urllib3, whose parsing follows a different standard...

7.1CVSS5.9AI score0.00528EPSS
Exploits1References14Affected Software1
amazon
amazon
added 2025/07/10 12:0 a.m.5 views

Important: firefox

Issue Overview: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox or tag, potentially making a website vulnerable to a cross-site scripting attack. CVE-2025-6430 Affected Packages: firefox Note: This advisory is applicable to Amazon...

9.8CVSS6.2AI score0.03123EPSS
Exploits0
exploitdb
exploitdb
added 2002/04/17 12:0 a.m.31 views

Sambar Server 5.1 - Script Source Disclosure

source: https://www.securityfocus.com/bid/4533/info An issue has been discovered in Sambar Server, which could allow a user to reveal the source code of script files. Submitting a request for a known script file along with a space and null character %00, will successfully bypass the serverside UR...

7.4AI score
Exploits0
Rows per page
Query Builder