Lucene search
+L

253 matches found

gitee
gitee
added 2025/09/13 5:14 p.m.115 views

ExploitOnCLI

This is an offensive tool for searching exploits in multiple databases. The tool, named ExploitOnCLI or EOC, is written in PHP for Linux and allows users to search for exploits in various databases, including Exploit-DB, PacketStormSecurity, IEDB, Siph0n, CXSecurity, and Exploit4Arab. The tool ca...

6.8AI score
Exploits0
vulnrichment
vulnrichment
added 2025/08/07 12:0 a.m.5 views

CVE-2025-45765

ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key sizes and those restrictions apply to the users of this gem also."...

7.5AI score0.00162EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/07/21 12:0 a.m.4 views

hMailServer 安全漏洞

hMailServer is an open source mail server from hMailServer Open Source. A security vulnerability exists in hMailServer version 5.8.6 and 5.6.9-beta, which stems from the use of hard-coded keys in BlowFish.cpp, which could lead to the decryption of database connection passwords...

4.6CVSS6.7AI score0.00294EPSS
Exploits1References5
cnnvd
cnnvd
added 2025/06/18 12:0 a.m.4 views

miniTCG 安全漏洞

miniTCG is an automated collectible card game by the individual developer Carina aka Neko Cari. A security vulnerability exists in miniTCG v1.3.1 beta, which stems from uncleaned input and could lead to a cross-site scripting attack...

5.9CVSS5.9AI score0.00314EPSS
Exploits0References4
githubexploit
githubexploit
added 2025/06/02 8:6 a.m.85 views

Exploit for CVE-2025-52159

This vulnerability chains has been assigned the following CVE ID...

8.8CVSS8.7AI score0.00556EPSS
Exploits5
redhatcve
redhatcve
added 2025/06/01 4:35 a.m.9 views

CVE-2025-48491

Project AI is a platform designed to create AI agents. Prior to the pre-beta version, a hardcoded API key was present in the source code. This issue has been patched in the pre-beta version...

6.9CVSS6.8AI score0.00478EPSS
Exploits0References1
nvd
nvd
added 2025/05/30 4:15 a.m.29 views

CVE-2025-48491

Project AI is a platform designed to create AI agents. Prior to the pre-beta version, a hardcoded API key was present in the source code. This issue has been patched in the pre-beta version...

6.9CVSS0.00478EPSS
Exploits0References9
cve
cve
added 2025/05/30 3:38 a.m.69 views

CVE-2025-48491

CVE-2025-48491 affects Project AI, a platform for creating AI agents. The root cause is a hardcoded API key present in the source code before the pre‑beta version. The issue has been patched in the pre‑beta version, mitigating exposure. Public details in connected documents confirm this remediati...

6.9CVSS6.5AI score0.00478EPSS
Exploits0References9
osv
osv
added 2025/05/30 3:38 a.m.7 views

CVE-2025-48491 Project AI API Key Exposure in Source Code

Project AI is a platform designed to create AI agents. Prior to the pre-beta version, a hardcoded API key was present in the source code. This issue has been patched in the pre-beta version...

6.9CVSS6.8AI score0.00478EPSS
Exploits0References11
redhatcve
redhatcve
added 2025/05/23 3:19 a.m.5 views

CVE-2023-23621

Discourse is an open-source discussion platform. Prior to version 3.0.1 on the stable branch and version 3.1.0.beta2 on the beta and tests-passed branches, a malicious user can cause a regular expression denial of service using a carefully crafted user agent. This issue is patched in version 3.0....

8.6CVSS7.2AI score0.00868EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 9:31 p.m.10 views

CVE-2021-21283

Flarum is an open source discussion platform for websites. The "Flarum Sticky" extension versions 0.1.0-beta.14 and 0.1.0-beta.15 has a cross-site scripting vulnerability. A change in release beta 14 of the Sticky extension caused the plain text content of the first post of a pinned discussion to...

5.4CVSS6.2AI score0.00787EPSS
Exploits0References1
cve
cve
added 2025/04/30 2:55 p.m.65 views

CVE-2025-32376

CVE-2025-32376 affects Discourse, where the DM limit enforcement could be bypassed. Affected versions are Discourse stable < 3.4.3 and beta

4.8CVSS6.3AI score0.00216EPSS
Exploits0References2Affected Software1
vulnersosv
vulnersosv
added 2025/04/11 2:9 p.m.4 views

actix-session-surrealdb (>=0.1.0 <=0.1.5) potentially affected by unknown CVE via surrealdb (=1.0.0-beta.9)

surrealdb CARGO version =1.0.0-beta.9 is affected by a known vulnerability. The following packages have a transitive dependency on surrealdb and may be impacted: - actix-session-surrealdb =0.1.0, =0.1.5 Source cves: unknown CVE Source advisory: OSV:GHSA-5Q9X-554G-9JGG...

5.8AI score
Exploits0
ptsecurity
ptsecurity
added 2025/03/10 12:0 a.m.7 views

PT-2025-10613

Name of the Vulnerable Software and Affected Versions autogpt-platform versions prior to autogpt-platform-beta-v0.4.2 Description The issue is related to a server-side request forgery SSRF vulnerability inside the Send Web Request component. The root cause is that IPV6 addresses are not restricte...

8.7CVSS5.8AI score0.00534EPSS
Exploits1References11
ptsecurity
ptsecurity
added 2025/01/24 12:0 a.m.10 views

PT-2025-4592 · Coolify · Coolify

Name of the Vulnerable Software and Affected Versions: Coolify versions 4.0.0-beta.358 and earlier Description: The issue allows attackers to inject arbitrary shell commands by altering the project name, potentially resulting in full system compromise, creation, modification, or deletion of...

9.3CVSS7.6AI score0.00282EPSS
Exploits1References6
cnnvd
cnnvd
added 2024/12/20 12:0 a.m.3 views

Uptime Kuma 路径遍历漏洞

Uptime Kuma is an easy-to-use, self-hosted monitoring tool from the individual developer Louis Lam. A path traversal vulnerability exists in Uptime Kuma versions 1.23.0 through 1.23.15 and 2.0.0-beta.0, which stems from a lack of server-side validation and cleanup stemming from a URL field in the...

6.8CVSS6.2AI score0.01829EPSS
Exploits0References3
vulnersosv
vulnersosv
added 2024/11/22 8:11 p.m.4 views

actix-session-surrealdb (>=0.1.0 <=0.1.5) potentially affected by unknown CVE via surrealdb (=1.0.0-beta.9)

surrealdb CARGO version =1.0.0-beta.9 is affected by a known vulnerability. The following packages have a transitive dependency on surrealdb and may be impacted: - actix-session-surrealdb =0.1.0, =0.1.5 Source cves: unknown CVE Source advisory: OSV:GHSA-M52V-24P8-654F...

5.8AI score
Exploits0
ptsecurity
ptsecurity
added 2024/11/22 12:0 a.m.4 views

PT-2024-41125 · Git · V8

Outdated dependency on V8 found see policy. Please update to the latest beta, stable, or extended stable versions...

7.2AI score
Exploits0References1
cnnvd
cnnvd
added 2024/11/14 12:0 a.m.4 views

WordPress plugin Easy CSV Importer BETA 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists in...

10CVSS8.3AI score0.00496EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/10/14 12:0 a.m.7 views

PT-2024-7289 · Nginx · Nginx-Ui

Name of the Vulnerable Software and Affected Versions: Nginx UI versions prior to 2.0.0-beta.36 Description: The issue is related to the Nginx UI's configuration of logrotate, where it does not verify input and directly passes it to exec.Command, causing arbitrary command execution. This allows a...

10CVSS8.1AI score0.23491EPSS
Exploits1References12
Rows per page
Query Builder