Lucene search
K

2884 matches found

Qualys Blog
Qualys Blog
added 2025/12/19 9:1 p.m.11 views

Your Guide to PCI DSS 4.0.1 Web Application and API Controls with a Simplified Path to Compliance

Executive Summary PCI DSS 4.0.1 compliance mandates stricter security controls for web applications and APIs. Key updates include maintaining an inventory of custom software PCI 6.3.2 and managing payment page scripts to prevent skimming attacks PCI 6.4.3. Organizations must also adopt risk-based...

6.9AI score
Exploits0
Securelist
Securelist
added 2025/12/11 7:30 a.m.12 views

It didn’t take long: CVE-2025-55182 is now under active exploitation

On December 4, 2025, researchers published details on the critical vulnerability CVE-2025-55182, which received a CVSS score of 10.0. It has been unofficially dubbed React2Shell, as it affects React Server Components RSC functionality used in web applications built with the React library. RSC...

10CVSS7.9AI score0.99562EPSS
Exploits374
Fedora
Fedora
added 2025/11/22 1:38 a.m.8 views

[SECURITY] Fedora 43 Update: dotnet10.0-10.0.100-1.fc43

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

6.8AI score
Exploits0
GithubExploit
GithubExploit
added 2025/11/18 5:57 p.m.206 views

Snitch__Scan

PoC exploit for XSS Vulnerability Scanner. This tool is designed...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/17 12:0 a.m.6 views

Wapiti Web Application Vulnerability Scanner 3.2.10

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the binary release...

7AI score
Exploits0
Fedora
Fedora
added 2025/11/13 1:10 a.m.7 views

[SECURITY] Fedora 42 Update: rubygem-rack-2.2.21-9.fc42

Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a single...

7.5CVSS7.1AI score0.35376EPSS
Exploits3
Fedora
Fedora
added 2025/11/13 12:51 a.m.5 views

[SECURITY] Fedora 43 Update: rubygem-rack-3.1.19-1.fc43

Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a single...

7.5CVSS6.6AI score0.00868EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/21 12:0 a.m.5 views

Node.js Express DevMode Enabled

Node.js Express installed on the remote host is configured to operate in development mode devMode. While this environment can help speed up development of web applications, it can leak information about the underlying web applications as well as the installation of Express, Node.js. No source dat...

6.7AI score
Exploits0References1
GithubExploit
GithubExploit
added 2025/10/11 5:53 p.m.293 views

Exploit for Missing Authentication for Critical Function in Flowiseai Flowise

It is an offensive tool for web application exploitation. This r...

9.8CVSS8.1AI score0.50118EPSS
Exploits15
GithubExploit
GithubExploit
added 2025/10/09 3:18 p.m.229 views

nightmare-exploits

It is an offensive tool for web applications. Exploits targeting...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/09 12:0 a.m.6 views

ANCORA: Accurate Intrusion Recovery for Web Applications

Modern web application recovery presents a critical dilemma. Coarse-grained snapshot rollbacks cause unacceptable data loss for legitimate users. Surgically removing an attack's impact is hindered by a fundamental challenge in high-concurrency environments: it is difficult to attribute resulting...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-4797

Malware in sbrugna...

5CVSS6.4AI score0.02322EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-2582

Malware in sbrugna...

5.5CVSS6.4AI score0.01504EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2020-22384

Malware in sbrugna...

8.2CVSS8.2AI score0.01314EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-2436

Malware in sbrugna...

5CVSS6.4AI score0.03296EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-2581

Malware in sbrugna...

4.3CVSS6.4AI score0.01513EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-0292

Malware in sbrugna...

5.5CVSS6.4AI score0.01634EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2003-0407

Malware in sbrugna...

6.8CVSS6.4AI score0.06739EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-14634

Malware in sbrugna...

8.8CVSS8.4AI score0.01277EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-4745

Malware in sbrugna...

4.6CVSS6.4AI score0.00349EPSS
Exploits0References4
Rows per page
Query Builder