Lucene search
K

102789 matches found

GithubExploit
GithubExploit
added 2026/05/17 4:46 a.m.73 views

Vapt-web-application-lab

No d...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/17 4:8 a.m.76 views

Advance_WAF_project_CS

WAFinity - Infinite Protection, Intelligent Detection WAFin...

5.9AI score
Exploits0
Fedora
Fedora
added 2026/05/17 12:50 a.m.25 views

[SECURITY] Fedora 43 Update: yelp-49.1-1.fc43

Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including traditional man pages, info pages and documentation written in DocBook...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/16 10:32 p.m.89 views

bug-bounty-reports

Bug Bounty Reports — Josef Basner Sanitized, redacted, resp...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/16 4:16 p.m.13 views

CVE-2021-47971

My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...

8.7CVSS0.00284EPSS
Exploits0References2
NVD
NVD
added 2026/05/16 4:16 p.m.9 views

CVE-2021-47972

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...

8.7CVSS0.00284EPSS
Exploits0References2
CVE
CVE
added 2026/05/16 3:26 p.m.12 views

CVE-2021-47972

The CVE-2021-47972 entry affects Sticky Notes & Color Widgets 1.4.2 and describes a denial-of-service: attackers can crash the application by pasting excessively long character strings into note fields, causing crashes and unresponsiveness. The connected documents confirm the affected product/ver...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2
CVE
CVE
added 2026/05/16 3:26 p.m.14 views

CVE-2021-47971

CVE-2021-47971 affects My Notes Safe 5.3 and describes a denial of service via a buffer overflow. According to the connected documents, an attacker can crash the application by pasting excessively long strings into note fields: a payload of about 350,000 repeated characters pasted twice into a ne...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/16 3:26 p.m.11 views

EUVD-2021-34827

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:26 p.m.8 views

CVE-2021-47971

My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2026/05/16 5:37 a.m.15 views

Stored Cross-Site Scripting

XWiki Blog Application is vulnerable to Stored Cross-Site Scripting XSS. The vulnerability is due to improper escaping of blog post titles before insertion into the HTML tag, allowing attackers with blog editing permissions to inject malicious JavaScript that executes in the browser of users...

9CVSS5.8AI score0.00353EPSS
Exploits3References3Affected Software1
Veracode
Veracode
added 2026/05/16 5:29 a.m.15 views

Sensitive Information Exposure

com.ritense.valtimo, web is vulnerable to sensitive information exposure. The vulnerability is due to the LoggingRestClientCustomizer automatically logging full HTTP request and response details, including headers and bodies, in error messages, which allows an attacker to access sensitive...

7.6CVSS5.8AI score0.002EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2026/05/16 5:5 a.m.18 views

Use After Free

Electron is vulnerable to Use After Free. The vulnerability is due to improper handling of child windows in offscreen rendering mode after the parent WebContents is destroyed, which allows an attacker to trigger memory corruption or application crashes through crafted child window interactions...

8.1CVSS5.8AI score0.00444EPSS
Exploits0References5Affected Software1
GithubExploit
GithubExploit
added 2026/05/16 2:50 a.m.95 views

Exploit for CVE-2026-8181

CVE-2026-8181 - Burst Statistics Authentication Bypass Exploit...

9.8CVSS5.8AI score0.14608EPSS
Exploits10
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.13 views

PT-2026-41455

Name of the Vulnerable Software and Affected Versions Color Notes version 1.4 Description A denial of service issue allows attackers to crash the application by pasting excessively long character strings into note fields. Specifically, pasting a payload containing 350,000 repeated characters twic...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.14 views

PT-2026-41459

Name of the Vulnerable Software and Affected Versions Sticky Notes Widget version 3.0.6 Description A denial of service issue allows attackers to crash the application on iOS devices. This occurs when excessively long character strings are pasted into note fields. Specifically, pasting a payload...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References4
OSV
OSV
added 2026/05/15 9:31 p.m.10 views

GHSA-W42G-JJ8W-FJ77 Duplicate Advisory: phpMyFAQ: Stored XSS via Utils::parseUrl() in comment rendering

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9525-27vj-c8r8. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl that allows authenticat...

8.3CVSS5.1AI score0.00215EPSS
Exploits0References4
OSV
OSV
added 2026/05/15 9:31 p.m.11 views

GHSA-W9MJ-GFRM-HJ5X Duplicate Advisory: phpMyFAQ has an Authorization Bypass in All Admin Pages Due to Non-Terminating Permission Check

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hpgw-ww76-c68r. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains an authorization bypass vulnerability in...

7.1CVSS5.6AI score0.00303EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/15 9:19 p.m.9 views

CVE-2026-45301

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.3.16, a missing permission check in all files related API endpoints allows any authenticated user to list, access and delete every file uploaded by every user to the platform. This...

8.1CVSS5.8AI score0.00273EPSS
Exploits1References2Affected Software1
Fedora
Fedora
added 2026/05/15 9:9 p.m.12 views

[SECURITY] Fedora 43 Update: nginx-mod-naxsi-1.6-17.fc43

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

9.2CVSS6AI score0.61469EPSS
Exploits41
Rows per page
Query Builder