Lucene search
K

2884 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2021-29102

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00705EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-3016

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.00682EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-18622

Malicious code in bioql PyPI...

6.1CVSS6.9AI score0.00327EPSS
Exploits0References1
Gitee
Gitee
added 2025/09/28 8:37 p.m.84 views

gauntlt

This is an offensive tool for web application security testing. It is a ruggedization framework that enables security testing that is usable by devs, ops, and security. The tool is called Gauntlt. The target product/service or framework is not explicitly stated, but based on the examples provided...

7.9AI score
Exploits0
GithubExploit
GithubExploit
added 2025/09/23 7:1 p.m.169 views

xss.yaml

It is an offensive tool for web application security testing. Th...

5.8AI score
Exploits0
Fedora
Fedora
added 2025/09/16 1:15 a.m.7 views

[SECURITY] Fedora 42 Update: perl-Catalyst-Plugin-Session-0.44-1.fc42

This plugin is the base of two related parts of functionality required for session management in web applications. The first part, the State, is getting the browser to repeat back a session key, so that the web application can identify the client and logically string several requests together int...

6.5CVSS6.5AI score0.00252EPSS
Exploits0
Gitee
Gitee
added 2025/09/14 6:33 p.m.80 views

PocCollect

This repository is an offensive tool for vulnerability scanning and exploitation, specifically targeting various web applications and services. The primary vulnerability class targeted is SQL injection, with specific examples of exploits for Struts2, 08CMS, and ASPCMS. The tool is written in Pyth...

7.7AI score
Exploits0
Gitee
Gitee
added 2025/09/14 1:24 p.m.83 views

anti-xss

It is an offensive tool for PHP. The primary CVE ID is not explicitly mentioned in the provided context, but the tool is designed to prevent Cross-site scripting XSS attacks. The target product/service is PHP, and the vulnerability class/vector is XSS. The probable entry points are not explicitly...

5.7AI score
Exploits0
GithubExploit
GithubExploit
added 2025/09/14 6:59 a.m.72 views

CVE

It is an offensive tool for web applications. The repository app...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/13 12:0 a.m.6 views

TPSQLi: Test Prioritization for SQL Injection Vulnerability Detection in Web Applications

The rapid proliferation of network applications has led to a significant increase in network attacks. According to the OWASP Top 10 Projects report released in 2021, injection attacks rank among the top three vulnerabilities in software projects. This growing threat landscape has increased the...

7.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/09 12:0 a.m.8 views

Aspect-Oriented Programming in Secure Software Development: a Case Study of Security Aspects in Web Applications

Security remains a critical challenge in modern web applications, where threats such as unauthorized access, data breaches, and injection attacks continue to undermine trust and reliability. Traditional Object-Oriented Programming OOP often intertwines security logic with business functionality,...

7.4AI score
Exploits0
GithubExploit
GithubExploit
added 2025/09/06 4:27 a.m.135 views

XSSVulnerabilityScanner

It is an offensive tool for web application security testing. Th...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/29 12:0 a.m.4 views

SUSE SLES15: tomcat10 / tomcat10-admin-webapps / tomcat10-doc / etc (SUSE-SU-2025:03006-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03006-1 advisory. Updated to Tomcat 10.1.44: - CVE-2025-48989: Fixed 'MadeYouReset' DoS in HTTP/2 due to client triggered stream reset bsc12438...

7.5CVSS7.1AI score0.03389EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/08/28 8:3 a.m.2 views

Security update for tomcat10

This update for tomcat10 fixes the following issues: Updated to Tomcat 10.1.44: CVE-2025-48989: Fixed "MadeYouReset" DoS in HTTP/2 due to client triggered stream reset bsc1243895 Other fixes: Catalina Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one or...

8.7CVSS7.3AI score0.03389EPSS
Exploits0References4
OSV
OSV
added 2025/08/28 8:2 a.m.1 views

SUSE-SU-2025:03006-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: Updated to Tomcat 10.1.44: - CVE-2025-48989: Fixed 'MadeYouReset' DoS in HTTP/2 due to client triggered stream reset bsc1243895 Other fixes: - Catalina + Fix: Fix bloom filter population for archive indexing when using a packed WAR containing o...

7.5CVSS7AI score0.03389EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/28 12:0 a.m.3 views

SUSE SLES15: tomcat11 / tomcat11-admin-webapps / tomcat11-doc / etc (SUSE-SU-2025:02992-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02992-1 advisory. Updated to Tomcat 11.0.10 - CVE-2025-48989: Fixed 'MadeYouReset' DoS in HTTP/2 due to client triggered stream reset bsc124389...

7.5CVSS7.1AI score0.03389EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.4 views

RHEL 9 : mod_security (RHSA-2025:13716)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13716 advisory. ModSecurity is an open source intrusion detection and prevention engine for web applications. Security Fixes: modsecurity: ModSecurity Denial of...

7.5CVSS8.1AI score0.0076EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.332 views

VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting (XSS)

VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting XSS - Exploit Title: VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting XSS - Date: 2025-08-08 - Exploit Author: Imraan Khan Lich-Sec - Vendor Homepage: https://www.vmware.com - Version: vSphere Client 8.0.3.0 - Tested On:...

4.3CVSS7.4AI score0.00785EPSS
Exploits2
Gitee
Gitee
added 2025/08/09 11:2 p.m.90 views

commix

This is an automated all-in-one OS command injection exploitation tool. It is designed to automate the detection and exploitation of command injection vulnerabilities. The tool is written in Python and is available on GitHub under the GPLv3 license. It can be installed by cloning the official Git...

8.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.3 views

PT-2025-32003 · Fiber · Fiber

Name of the Vulnerable Software and Affected Versions: Fiber versions 2.52.8 and below Description: Fiber is an Express inspired web framework written in Go. When using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index e.g., test.18446744073704...

8.7CVSS6.5AI score0.00355EPSS
Exploits0References11
Rows per page
Query Builder