2884 matches found
Exploit for CVE-2025-48757
Vibe Coding Security Scanner A security audit skill for AI-as...
AutoEG: Exploiting Known Third-Party Vulnerabilities in Black-Box Web Applications
Large-scale web applications are widely deployed with complex third-party components, inheriting security risks arising from component vulnerabilities. Security assessment is therefore required to determine whether such known vulnerabilities remain practically exploitable in real applications...
[SECURITY] Fedora 42 Update: dotnet9.0-9.0.115-1.fc42
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
[SECURITY] Fedora 44 Update: dotnet8.0-8.0.125-1.fc44
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
[SECURITY] Fedora 44 Update: dotnet10.0-10.0.104-1.fc44
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
Leveraging Large Language Models for Trustworthiness Assessment of Web Applications
The widespread adoption of web applications has made their security a critical concern and has increased the need for systematic ways to assess whether they can be considered trustworthy. However, "trust" assessment remains an open problem as existing techniques primarily focus on detecting known...
PT-2026-25811
🚨 FRESH TOP THREAT ALERT 🚨 Critical RCE in Apache Tomcat March 16, 2026: CVE-2026-89102 – CVSS 9.8! Unauthenticated attackers can send one crafted request to trigger a deserialization flaw and execute arbitrary code on the server. Hits thousands of Java web apps worldwide. Remediation: Upgrade...
Exploit for Cross-site Scripting in Quantizor Markdown-To-Jsx
███████╗██╗ ██╗ █████╗ ██████╗ ██╗███╗ ██╗ ██████╗ █████...
CVE-2026-0846
A flaw was found in the nltk component. This vulnerability, specifically within the filestring function of the nltk.util module, allows an attacker to perform arbitrary file reads. By providing specially crafted input paths, either absolute or using directory traversal, an attacker can bypass inp...
Exploit for Cross-site Scripting in Bdtask Multi_Store_Inventory_Management_System
CVE-2024-2997 Scanner !Versionhttps://img.shields.io/badge...
Exploit for Cross-site Scripting in Bdtask Multi_Store_Inventory_Management_System
CVE-2024-2997 Scanner !Versionhttps://img.shields.io/badge...
SPARTAN
SPARTAN v2.0 — Autonomous Security Audit & Exploit Agent...
Integrating Advanced API Security with Imperva Gateway Environment
As APIs power the majority of modern web applications, implementing robust API security is no longer optional - it’s a critical necessity for data protection. This guide explores how to seamlessly integrate API gateway security into your Imperva on-premises environment to mitigate OWASP Top 10...
Introducing AI Cyber Model Arena: A Real-World Benchmark for AI Agents in Cybersecurity
Wiz Research’s AI Cyber Model Arena benchmarks offensive AI security on 257 real-world challenges zero-days, CVEs, API/web, and cloud across AWS/Azure/GCP/K8s demonstrating what AI models and agents can really do...
Rubikon Easy Transfer 跨站脚本漏洞
Rubikon Easy Transfer is a file transfer application developed by Rubikon Corporation. Version 1.7 of Rubikon Easy Transfer contains a cross-site scripting vulnerability. This vulnerability stems from improper input validation of the oldPath, newPath, and path parameters during the creation of...
EZCast Pro II security vulnerabilities
EZCast Pro II is a computer screen-sharing software developed by EZCast Corporation in China. This software allows for wireless sharing of data from computer devices onto televisions or projection screens. EZCast Pro supports screen allocation and projection permissions. Version 1.17478.146 of...
BreachLock Expands Adversarial Exposure Validation (AEV) to Web Applications
New York, United States, 15th January 2026, CyberNewsWire...
CVE-2021-2434
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Application Service. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More
The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved quietly, reused familiar paths, and kept working longer than anyone wants to admit. This week's stories...
SQLMAP - Automatic SQL Injection Tool 1.10
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive...