Lucene search
K

163 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.13 views

Node.js React Server Components Unauthenticated Remote Code Execution (CVE-2025-55182)

Multiple Node.js React Server Components packages are affected by an unauthenticated remote code execution vulnerability. The following Node.js packages and versions are affected: - react-server-dom-webpack 19.0, 19.1.0, 19.1.1, 19.2.0 - react-server-dom-parcel 19.0, 19.1.0, 19.1.1, 19.2.0 -...

10CVSS7.2AI score0.99562EPSS
Exploits373References3
Vulnrichment
Vulnrichment
added 2025/11/19 12:0 a.m.4 views

CVE-2025-63932

D-Link Router DIR-868L A1 FW106KRb01.bin has an unauthenticated remote code execution vulnerability in the cgibin binary. The HNAP service provided by cgibin does not filter the HTTP SOAPAction header field. The unauthenticated remote attacker can execute the shell command...

8.1AI score0.06404EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-14107

Malware in sbrugna...

10CVSS9.2AI score0.04483EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-24598

Malware in sbrugna...

9.8CVSS9.2AI score0.01882EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-11326

Malware in sbrugna...

9.8CVSS8AI score0.01499EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-7561

Malicious code in bioql PyPI...

8.1CVSS8.1AI score0.02151EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54340

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00458EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/09/06 4:45 a.m.131 views

Exploit for Code Injection in Xwiki

exploit-scripts...

9.8CVSS7.2AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/07/10 1:9 a.m.408 views

Exploit for CVE-2025-34085

📂 Simple File List – Unauthenticated RCE Exploit CVE-2025-340...

8.4AI score
Exploits9
GithubExploit
GithubExploit
added 2025/07/04 2:59 p.m.126 views

Exploit for Injection in Cisco Identity_Services_Engine

CVE-2025-20281 — Cisco ISE ERS API Unauthenticated RCE Exploit...

10CVSS8.8AI score0.96732EPSS
Exploits10
GithubExploit
GithubExploit
added 2025/06/27 9:7 p.m.451 views

Exploit for Injection in Cisco Identity_Services_Engine

CVE-2025-20281-2-Cisco-ISE-RCE Unauthenticated Python PoC for...

10CVSS7.2AI score0.96732EPSS
Exploits10
Veracode
Veracode
added 2025/06/06 5:6 a.m.6 views

Unauthenticated Remote Code Execution (RCE)

github.com/kro-run/kro is vulnerable to Unauthenticated Remote code execution RCE. The vulnerability is due to a confused-deputy scenario, where users with permission to create or modify ResourceGraphDefinition resources can supply arbitrary container images that kro's controllers deploy and run ...

4.1CVSS5.1AI score0.00323EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 10:23 a.m.13 views

CVE-2024-40110

Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code Execution RCE vulnerability via the productimage parameter at /farm/product.php...

9.8CVSS7.7AI score0.01909EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:25 a.m.7 views

CVE-2023-37170

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain an unauthenticated remote code execution RCE vulnerability via the lang parameter in the setLanguageCfg function...

9.8CVSS8.5AI score0.01396EPSS
Exploits1
Cvelist
Cvelist
added 2025/04/25 1:2 p.m.17 views

CVE-2024-6198 SNORE Interface Unauthenticated Remote Code Execution

The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker with access to the LAN network interface could u...

7.7CVSS0.00271EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2025/04/18 12:0 a.m.317 views

Tatsu 3.3.11 - Unauthenticated RCE

Exploit Title:Tatsu 3.3.11 - Unauthenticated RCE Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Product: Tatsu wordpress plugin = 3.3.11 CVE:...

8.1CVSS7.4AI score0.83535EPSS
Exploits9
RedhatCVE
RedhatCVE
added 2025/04/01 9:43 p.m.16 views

CVE-2024-13804

Unauthenticated RCE in HPE Insight Cluster Management Utility...

9.8CVSS7.2AI score0.00458EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-26035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33...

9.8CVSS7.3AI score0.80462EPSS
Exploits11References3
Rapid7 Blog
Rapid7 Blog
added 2025/02/28 2:54 p.m.23 views

Metasploit Weekly Wrap-Up: 02/28/2025

New module content 5 mySCADA myPRO Manager Credential Harvester CVE-2025-24865 and CVE-2025-22896 Author: Michael Heinzl Type: Auxiliary Pull request: 19878 contributed by h4x-x0r Path: admin/scada/mypromgrcreds AttackerKB reference: CVE-2025-22896 Description: This module adds credential...

10CVSS9.9AI score0.95151EPSS
Exploits13
Packet Storm
Packet Storm
added 2025/02/11 12:0 a.m.486 views

NetAlertX 24.9.12 Command Injection

An attacker can update NetAlertX settings with no authentication, which results in command injection. Versions 23.01.14 through 24.9.12 are affected. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

7.3AI score0.62307EPSS
Exploits5
Rows per page
Query Builder