Lucene search
K

38 matches found

GithubExploit
GithubExploit
added 2026/05/14 10:48 a.m.82 views

report-anonymizer

🛡️ Report Anonymizer Local LLM anonymizer for penetration-t...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/31 12:13 a.m.6 views

CVE-2025-61120

AG Life Logger Android App version v1.0.2.72 and before package name com.donki.healthy, developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force...

7.5CVSS7AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/30 6:31 p.m.5 views

EUVD-2025-37025

AG Life Logger Android App version v1.0.2.72 and before package name com.donki.healthy, developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force...

7.5CVSS6.5AI score0.0027EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/30 12:0 a.m.4 views

CVE-2025-61120

AG Life Logger Android App version v1.0.2.72 and before package name com.donki.healthy, developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force...

6.7AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.5 views

IOFIT AG Life Logger Android App 安全漏洞

IOFIT AG Life Logger Android App is a sports app from IOFIT Japan. A security vulnerability exists in IOFIT AG Life Logger Android App v1.0.2.72 and earlier versions, which stems from improper access control and a predictable CAPTCHA, and could lead to account disclosure and misuse of cloud...

7.5CVSS6.4AI score0.0027EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.4 views

PT-2025-44431

Name of the Vulnerable Software and Affected Versions Mobile Scanner version 2.12.38 Description The Mobile Scanner Android App has a flaw where cloud service credentials are not handled securely. This could allow attackers to gain access to these credentials and perform unauthorized actions. The...

7.5CVSS6.5AI score0.00274EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/30 12:0 a.m.3 views

CVE-2025-61121

Mobile Scanner Android App version 2.12.38 package name com.glority.everlens, developed by Glority Global Group Ltd., contains a credential leakage vulnerability. Improper handling of cloud service credentials may allow attackers to obtain them and carry out unauthorized actions, such as sensitiv...

5.8AI score0.00274EPSS
Exploits0References1
NVD
NVD
added 2025/08/19 7:15 p.m.32 views

CVE-2025-55306

GenXFX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources Google Cloud...

9.8CVSS0.00523EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/25 12:0 a.m.4 views

Microsoft WinJS winjsdevelop Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft WinJS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of WinJS. When installed from the official Microsoft NPM repository, th...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/04/07 12:0 a.m.7 views

Amazon AWS CloudFormation Templates Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Amazon AWS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of AWS Simple Storage Service. When installed from the official GitHub...

9.8CVSS7.8AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2024/10/08 12:0 a.m.6 views

Axis Communications Autodesk Plugin AxisAddin axisapphelpfiles Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Axis Communications Autodesk Plugin. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a cloud resource. The issue results from allowi...

8.8CVSS7.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/08/23 12:0 a.m.5 views

Amazon AWS aws-glue-with-s2s-vpn Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Amazon AWS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of AWS Glue. When installed from the official GitHub repository, the...

9.8CVSS7.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/08/05 12:0 a.m.5 views

Microsoft Azure Availability Monitor for Kafka esnewdeveastdockerregistry Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Availability Monitor for Kafka for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Availability Monitor for Kafka...

9.8CVSS7.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/08/05 12:0 a.m.5 views

Microsoft Technical Case Studies athena-dashboard Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Technical Case Studies. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Technical Case Studies. When installed from the...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/08/05 12:0 a.m.5 views

Microsoft Azure CollectSFData docs-analytics-eus Uncontrolled Search Path Element Impersonation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CollectSFData for Microsoft Azure. Authentication is not required to exploit this vulnerability. The issue results from a reference to a non-existent cloud resource that is vulnerable to takeover. An...

9.4CVSS7.9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/08/05 12:0 a.m.7 views

Microsoft Azure Aztack aztack1528763526 Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Aztack for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Aztack. When installed from the official Microsoft GitHub...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/08/05 12:0 a.m.6 views

Microsoft Fluid Framework prague Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Fluid Framework. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Fluid Framework. When installed from the official Microsof...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/08/05 12:0 a.m.6 views

Microsoft Azure DataStoriesSamples machinelearningdatasets Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of DataStoriesSamples for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of DataStoriesSamples. When installed from the...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/08/05 12:0 a.m.6 views

Microsoft Azure uAMQP azure-iot-sdks-ci Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of uAMQP. When installed from the official Microsoft GitHub repository,...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/08/05 12:0 a.m.4 views

Microsoft Partner Resources openhacks Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Partner Resources. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Partner Resources. When installed from the official...

9.8CVSS7.7AI score
Exploits0References1
Rows per page
Query Builder