Lucene search
K

33930 matches found

GithubExploit
GithubExploit
added 2026/05/12 5:36 a.m.99 views

Exploit for CVE-2024-12912

Origasus origasus.go ile derlenen, ASUS AiCloud / AsusWRT i...

9.2CVSS5.8AI score0.15087EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/05/12 4:36 a.m.117 views

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

CVE-2023-27163 — request-baskets SSRF Exploit I wrote this ex...

6.5CVSS6.7AI score0.07497EPSS
Exploits29
EUVD
EUVD
added 2026/05/12 3:31 a.m.8 views

EUVD-2026-29372

Due to improper Spring Security configuration, SAP Commerce cloud allows an unauthenticated user to perform malicious configuration upload and code injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the applicati...

9.6CVSS6AI score0.0061EPSS
Exploits0References3
NVD
NVD
added 2026/05/12 3:16 a.m.13 views

CVE-2026-34263

Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application...

9.6CVSS0.0061EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 2:20 a.m.46 views

CVE-2026-34263 Missing authentication check in SAP Commerce cloud configuration

Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application...

9.6CVSS0.0061EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 2:20 a.m.10 views

CVE-2026-34263 Missing authentication check in SAP Commerce cloud configuration

Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application...

9.6CVSS6AI score0.0061EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:20 a.m.5 views

CVE-2026-34263

Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application...

9.6CVSS6AI score0.0061EPSS
Exploits0References3
CVE
CVE
added 2026/05/12 2:20 a.m.17 views

CVE-2026-34263

SAP Commerce Cloud is affected by CVE-2026-34263 due to a Spring Security misconfiguration that allows an unauthenticated user to upload malicious configuration and inject code, enabling arbitrary server-side code execution. The entry states high impact to Confidentiality, Integrity, and Availabi...

9.6CVSS6AI score0.0061EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 12:12 a.m.20 views

CVE-2026-45321 Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/ packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself...

9.6CVSS6AI score0.02342EPSS
Exploits3References4
EUVD
EUVD
added 2026/05/12 12:12 a.m.10 views

EUVD-2026-29352

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/ packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself...

9.6CVSS5.8AI score0.02342EPSS
Exploits3References2
Cvelist
Cvelist
added 2026/05/12 12:12 a.m.58 views

CVE-2026-45321 Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/ packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself...

9.6CVSS0.02342EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-39995

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

9.2CVSS5.8AI score0.00239EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.9 views

PT-2026-40461

Name of the Vulnerable Software and Affected Versions Claris FileMaker Cloud versions prior to 2.22.0.5 Description A Remote Code Execution issue allows a user with Admin Console privileges to inject arbitrary operating system commands. This occurs due to unsanitized input within the External ODB...

7.2CVSS6AI score0.00457EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Microsoft Windows Cloud Files Mini Filter Driver 资源管理错误漏洞

The Microsoft Windows Cloud Files Mini Filter Driver is a cloud file filter driver developed by Microsoft Corporation. The Microsoft Windows Cloud Files Mini Filter Driver has a resource management vulnerability. The following products and versions are affected: Windows Server 2019, Windows Serve...

7.8CVSS5.8AI score0.02117EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Microsoft Windows Cloud Files Mini Filter Driver 安全漏洞

The Microsoft Windows Cloud Files Mini Filter Driver is a cloud file filter driver developed by Microsoft Corporation. There are security vulnerabilities present in the Microsoft Windows Cloud Files Mini Filter Driver. Attackers can exploit these vulnerabilities to gain higher privileges. The...

7.8CVSS5.8AI score0.00202EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Claris FileMaker Cloud 安全漏洞

Claris FileMaker Cloud is a cloud platform provided by the American company Claris, designed for enterprise-level low-code database application development and hosting scenarios. Versions of Claris FileMaker Cloud prior to 2.22.0.5 contained security vulnerabilities. These vulnerabilities stemmed...

7.2CVSS5.9AI score0.00457EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Google Cloud AlloyDB for PostgreSQL 安全漏洞

Google Cloud AlloyDB for PostgreSQL is a cloud-native, high-performance relational database service from Google Inc. That service is compatible with PostgreSQL. Versions of Google Cloud AlloyDB for PostgreSQL prior to 2025-11-03 contained a security vulnerability. This vulnerability stemmed from...

9.2CVSS5.9AI score0.00239EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.9 views

PT-2026-40156

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00163EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.9 views

PT-2026-40179

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00202EPSS
Exploits0References2
Spring Security Advisories
Spring Security Advisories
added 2026/05/12 12:0 a.m.10 views

This Week in Spring - May 12th, 2026

Hi, Spring fans! As I write this I am in Miami, FL at the CodeRemix.ai show, focused on the wide and wonderful world of OpenRewrite and Moderne. I've got a talk to give so let's dive right into it! a quick note about the upcoming release train dates in last week's installment of A Bootiful Podcas...

5.8AI score
Exploits0
Rows per page
Query Builder