2358 matches found
Vulnerability-Scanner-using-Ollama-3-
Vulnerability Scanning & Exploitation Toolkit A Python-based...
ROS-20260508-73-0008
Vulnerability in roundcubemail related to the inclusion of features from an invalid controlled scope. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260506-73-0032
Vulnerability in tomcat10 related to insufficient protection of registration data. Exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...
Exploit for Missing Authentication for Critical Function in Cpanel
cpanel-pwn cPanel/WHM security testing toolkit. Implements th...
Zero Day Attacks: Novel Behaviour or Novel Vulnerability?
Zero-day attacks pose severe cybersecurity risks due to their high success rates and stealth. Because signature-based approaches struggle to detect such attacks, building Intrusion Detection Systems (IDSs) for detecting zero-day attacks is essential. We contend that for an IDS to be effective it mu...
EUVD-2026-24451
Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where...
CVE-2026-34866
Out-of-bounds write vulnerability in the WEB module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality...
ROS-20260403-73-0016
A vulnerability in the drivers/i2c/busses/i2c-qup.c component of the Linux kernel is related to an unverified return value. Exploitation of the vulnerability allows an attacker to cause a denial of service...
Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders
Every year, the Cisco Talos Year in Review captures the patterns shaping the threat landscape. The 2025 report paints a clear picture: Attackers are moving faster than ever, while using identity-related attacks as the primary battleground. To unpack the biggest takeaways and what they mean for...
AutoEG: Exploiting Known Third-Party Vulnerabilities in Black-Box Web Applications
Large-scale web applications are widely deployed with complex third-party components, inheriting security risks arising from component vulnerabilities. Security assessment is therefore required to determine whether such known vulnerabilities remain practically exploitable in real applications...
Exploit for Server-Side Request Forgery in Apache Cxf
Apache CXF XOP Include LFI CVE-2022-46364 Overview This...
Exploit for CVE-2024-11114
Chromium Exploit Development Toolkit A toolkit for weaponizing...
The Attack Cycle is Accelerating: Announcing the Rapid7 2026 Global Threat Landscape Report
The predictive window has collapsed. In 2025, high-impact vulnerabilities weren’t quietly accumulating risk. They were operationalized, and often within days. Today, Rapid7 Labs released the 2026 Global Threat Landscape Report, an in-depth analysis of how attacker behavior is evolving across...
Exploit for Path Traversal in Apache Http_Server
🕵️ HACKNET v2.4.1 —...
PT-2026-7371
Name of the Vulnerable Software and Affected Versions: After Effects versions 25.6 and earlier. Description: The software is susceptible to an Out-of-bounds Read issue, potentially leading to memory exposure. An attacker could exploit this to gain access to sensitive information stored in memory...
Co-RedTeam: Orchestrated Security Discovery and Exploitation with LLM Agents
Large language models (LLMs) have shown promise in assisting cybersecurity tasks, yet existing approaches struggle with automatic vulnerability discovery and exploitation due to limited interaction, weak execution grounding, and a lack of experience reuse. We propose Co-RedTeam, a security-aware...
ROS-20260202-73-0045
A vulnerability in the kfdprocess.c component of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Exploit for CVE-2026-24061
CVE-2026-24061 Vulnerability Detection and Exploitation Tool...
Secure-Programming-and-Exploiting-Vulnerabilities
Secure-P...
EUVD-2026-4632
Click2Magic 1.1.5 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts in the chat name input. Attackers can craft a malicious payload in the chat name to capture administrator cookies when the admin processes user requests...