2884 matches found
Your Guide to PCI DSS 4.0.1 Web Application and API Controls with a Simplified Path to Compliance
Executive Summary PCI DSS 4.0.1 compliance mandates stricter security controls for web applications and APIs. Key updates include maintaining an inventory of custom software PCI 6.3.2 and managing payment page scripts to prevent skimming attacks PCI 6.4.3. Organizations must also adopt risk-based...
It didn’t take long: CVE-2025-55182 is now under active exploitation
On December 4, 2025, researchers published details on the critical vulnerability CVE-2025-55182, which received a CVSS score of 10.0. It has been unofficially dubbed React2Shell, as it affects React Server Components RSC functionality used in web applications built with the React library. RSC...
[SECURITY] Fedora 43 Update: dotnet10.0-10.0.100-1.fc43
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
Snitch__Scan
PoC exploit for XSS Vulnerability Scanner. This tool is designed...
Wapiti Web Application Vulnerability Scanner 3.2.10
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the binary release...
[SECURITY] Fedora 42 Update: rubygem-rack-2.2.21-9.fc42
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a single...
[SECURITY] Fedora 43 Update: rubygem-rack-3.1.19-1.fc43
Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a single...
Node.js Express DevMode Enabled
Node.js Express installed on the remote host is configured to operate in development mode devMode. While this environment can help speed up development of web applications, it can leak information about the underlying web applications as well as the installation of Express, Node.js. No source dat...
Exploit for Missing Authentication for Critical Function in Flowiseai Flowise
It is an offensive tool for web application exploitation. This r...
nightmare-exploits
It is an offensive tool for web applications. Exploits targeting...
ANCORA: Accurate Intrusion Recovery for Web Applications
Modern web application recovery presents a critical dilemma. Coarse-grained snapshot rollbacks cause unacceptable data loss for legitimate users. Surgically removing an attack's impact is hindered by a fundamental challenge in high-concurrency environments: it is difficult to attribute resulting...
EUVD-2005-4797
Malware in sbrugna...
EUVD-2012-2582
Malware in sbrugna...
EUVD-2020-22384
Malware in sbrugna...
EUVD-2007-2436
Malware in sbrugna...
EUVD-2012-2581
Malware in sbrugna...
EUVD-2007-0292
Malware in sbrugna...
EUVD-2003-0407
Malware in sbrugna...
EUVD-2017-14634
Malware in sbrugna...
EUVD-2005-4745
Malware in sbrugna...