Lucene search

5278 matches found

RedhatCVE
added 2026/01/09 9:56 a.m. | 6 views

CVE-2020-12765

Solis Miolo 2.0 allows index.php?module=install=view= Directory Traversal...

CVSS 5.3 | AI score 7 | EPSS 0.01299
Exploits 0 | References 1

RedhatCVE
added 2026/01/09 9:52 a.m. | 7 views

CVE-2020-10192

An issue was discovered in Munkireport before 5.3.0.3923. An unauthenticated actor can send a custom XSS payload through the /report/brokenclient endpoint. The payload will be executed by any authenticated users browsing the application. This concerns app/views/listings/default.php...

CVSS 6.1 | AI score 6 | EPSS 0.00753
Exploits 1 | References 1

RedhatCVE
added 2026/01/09 8:54 a.m. | 9 views

CVE-2021-41097

aurelia-path is part of the Aurelia platform and contains utilities for path manipulation. There is a prototype pollution vulnerability in aurelia-path before version 1.1.7. The vulnerability exposes Aurelia application that uses aurelia-path package to parse a string. The majority of this will b...

CVSS 9.1 | AI score 6.7 | EPSS 0.05052
Exploits 1 | References 1

RedhatCVE
added 2026/01/07 9:43 a.m. | 6 views

CVE-1999-0665

An application-critical Windows NT registry key has an inappropriate value...

CVSS 10 | AI score 7 | EPSS 0.01904
Exploits 0 | References 1

RedhatCVE
added 2026/01/07 9:38 a.m. | 4 views

CVE-1999-0664

An application-critical Windows NT registry key has inappropriate permissions...

CVSS 10 | AI score 7 | EPSS 0.01904
Exploits 0 | References 1

RedhatCVE
added 2026/01/07 9:26 a.m. | 6 views

CVE-2019-12759

Symantec Endpoint Protection Manager SEPM and Symantec Mail Security for MS Exchange SMSMSE, prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applicati...

CVSS 7.8 | AI score 7.3 | EPSS 0.00483
Exploits 0 | References 1

RedhatCVE
added 2026/01/07 9:15 a.m. | 9 views

CVE-2024-2649

A vulnerability has been found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /protocol/iscdevicestatus/deleteonlineuser.php. The manipulation of the argument messagecontent leads to sql...

CVSS 9.8 | AI score 9.8 | EPSS 0.00838
Exploits 1 | References 1

RedhatCVE
added 2026/01/07 9:12 a.m. | 12 views

CVE-2024-2648

A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /nac/naccheck.php. The manipulation of the argument username leads to improper neutralization of data within xpath expressions. It is...

CVSS 5.3 | AI score 6.8 | EPSS 0.00731
Exploits 1 | References 1

GithubExploit
added 2026/01/02 7:40 a.m. | 172 views

OreaHax-Framework

OreaHax-Framework...

AI score 7
Exploits 0

Wiz blog
added 2025/12/31 1:49 p.m. | 6 views

Expanding the Zero Critical Club to set a new standard for AppSec and SecOps teams

We are introducing Zero Code Criticals and Zero Time to Respond clubs to give every team a clear north star for secure development and rapid response...

AI score 7
Exploits 0

GithubExploit
added 2025/12/29 9:20 p.m. | 155 views

SQL-Injection-IDPS

Payloads All The Things A list of useful payloads and bypass...

AI score 6.8
Exploits 0

EUVD
added 2025/12/18 9:31 p.m. | 2 views

EUVD-2025-204361

A CRLF injection vulnerability in Kentico Xperience allows attackers to manipulate URL query string redirects via improper encoding in the routing engine. This could enable header injection and potentially facilitate further web application attacks...

CVSS 6.9 | AI score 6.7 | EPSS 0.00175
Exploits 0 | References 3

GithubExploit
added 2025/12/17 11:56 a.m. | 148 views

task-3-security-testing

Security Testing for Web Applications Task 3: CODTECH Inte...

AI score 7.4
Exploits 0

RedhatCVE
added 2025/11/27 1:4 p.m. | 10 views

CVE-2025-55796

The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted ...

CVSS 7.5 | AI score 7.1 | EPSS 0.00517
Exploits 1 | References 1

GithubExploit
added 2025/11/26 5:28 p.m. | 159 views

lw-cnapp-microservices-iac

Project 2: Microservices with Infrastructure as Code ⚠️ WAR...

AI score 8.3
Exploits 0

Imperva Blog
added 2025/11/26 9:25 a.m. | 7 views

Paris, The Thinker, and why your WAF should block XSS by default

With Thales HQ in Paris, it felt right to detour to the Musée Rodin and stand before The Thinker, the bronze giant by Auguste Rodin whose clenched posture and chin-in-hand stance have become a universal symbol of deep judgment. Conceived for The Gates of Hell in 1880 and first cast monumentally i...

AI score 6.3
Exploits 0

Redos
added 2025/11/25 12:0 a.m. | 9 views

ROS-20251125-12

Vulnerability of QuerySet and Q objects of Django web application development platform is related to failure to take measures to protect the SQL query structure when processing an argument with the connector keyword. Exploitation of the vulnerability could allow an attacker acting remotely to...

CVSS 9.1 | AI score 7.1 | EPSS 0.19396
Exploits 10

Qualys Blog
added 2025/11/20 9:36 p.m. | 6 views

GenAI: Harness the Power, Eliminate the Risk — A Practical Playbook for Securing AI from Day One

Enterprises everywhere are racing to leverage AI to gain sharper insights, automate workflows, and deliver richer customer experiences. Based on an assessment conducted by Bain & Company, generative AI adoption is soaring, with 95% of US companies using it, up 12 percentage points in just a year...

AI score 6.9
Exploits 0

HackRead
added 2025/11/02 11:43 p.m. | 6 views

8 Top Application Security Tools (2026 Edition)

The software revolution has redefined what’s possible in global business. Complex applications underpin e-commerce, healthcare, finance, transportation, and…...

AI score 7
Exploits 0

Qualys Blog
added 2025/10/30 12:35 p.m. | 9 views

What Security Teams Need to Know as PHP and IoT Exploits Surge

Attack automation is accelerating, widening the window between detection and response. Qualys TRU telemetry reveals how these attacks unfold and what defenders can do next. The Qualys Threat Research Unit TRU has identified a sharp increase in attacks targeting PHP servers, IoT devices, and cloud...

CVSS 10 | AI score 10 | EPSS 0.99999
Exploits 111