Lucene search
+L

122240 matches found

GithubExploit
GithubExploit
added 4 hours ago10 views

engineering-agent-harness-poc

Engineering Agent Harness — POC skeleton What this proves:...

5.5AI score
Exploits0
GithubExploit
GithubExploit
added 4 hours ago14 views

SecureProxy

SecureProxy Description: SecureProxy is a self-hosted W...

5.8AI score
Exploits0
NVD
NVD
added 6 hours ago4 views

CVE-2026-16218

A vulnerability was detected in hunvreus devpush up to 0.4.6. Affected by this issue is the function resetstorage of the file app/workers/tasks/storage.py of the component Storage Reset Failure Handler. The manipulation results in improper check or handling of exceptional conditions. A high...

2.6CVSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 6 hours ago2 views

CVE-2026-16218

A vulnerability was detected in hunvreus devpush up to 0.4.6. Affected by this issue is the function resetstorage of the file app/workers/tasks/storage.py of the component Storage Reset Failure Handler. The manipulation results in improper check or handling of exceptional conditions. A high...

2.6CVSS4AI score
Exploits0References7Affected Software1
Cvelist
Cvelist
added 6 hours ago13 views

CVE-2026-16218 hunvreus devpush Storage Reset Failure storage.py reset_storage improper check or handling of exceptional conditions

A vulnerability was detected in hunvreus devpush up to 0.4.6. Affected by this issue is the function resetstorage of the file app/workers/tasks/storage.py of the component Storage Reset Failure Handler. The manipulation results in improper check or handling of exceptional conditions. A high...

2.6CVSS
Exploits0References6
CVE
CVE
added 6 hours ago10 views

CVE-2026-16218

Technical details for CVE-2026-16218 are not publicly available in the provided documents; no affected versions, root cause specifics, or remediation are disclosed here. Monitor for updates.

2.6CVSS4AI score
Exploits0References6
EUVD
EUVD
added 6 hours ago7 views

EUVD-2026-45429

A vulnerability was detected in hunvreus devpush up to 0.4.6. Affected by this issue is the function resetstorage of the file app/workers/tasks/storage.py of the component Storage Reset Failure Handler. The manipulation results in improper check or handling of exceptional conditions. A high...

2.6CVSS4AI score
Exploits0References6
GithubExploit
GithubExploit
added 6 hours ago19 views

Exploit for Use After Free in Linux Linux_Kernel

CVE-2026-46215 Exploit for Linux 7.0 - More Stable & Reliable...

7.8CVSS5.3AI score0.00134EPSS
Exploits2
Nuclei
Nuclei
added 8 hours ago14 views

Windmill/Nextcloud Flow < 1.603.3 - Unauthenticated Path Traversal

Windmill 1.603.3 contains a path traversal caused by unsanitized filename parameter in getlogfile endpoint, letting unauthenticated attackers read arbitrary files on the server, exploit requires no authentication. id: CVE-2026-29059 info: name: Windmill/Nextcloud Flow 1.603.3 - Unauthenticated Pa...

7.5CVSS7.7AI score0.02584EPSS
Exploits0References3
GithubExploit
GithubExploit
added 9 hours ago22 views

react2shell-poc

react2shell-poc Proof-of-concept exploit for CVE-2025-55182...

10CVSS8.4AI score0.99562EPSS
Exploits377
Nuclei
Nuclei
added 9 hours ago185 views

Apache OFBiz < 17.12.07 - Arbitrary Code Execution

Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack id: CVE-2021-29200 info: name: Apache OFBiz 17.12.07 - Arbitrary Code Execution author: your3cho severity: critical description: | Apache OFBiz has unsafe deserialization prior to...

9.8CVSS8.7AI score0.5537EPSS
Exploits0References5
Nuclei
Nuclei
added 9 hours ago45 views

Geoserver - Server-Side Request Forgery

GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows server-side request forgery via the option for setting a proxy host. id: CVE-2021-40822 info: name: Geoserver - Server-Side Request Forgery author: For3stCo1d,aringo-bf severity: high description: GeoServer through 2.18.5 and 2.19.x throug...

7.5CVSS7.3AI score0.19761EPSS
Exploits0References5
Nuclei
Nuclei
added 9 hours ago256 views

SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting

SAP Knowledge Warehouse 7.30, 7.31, 7.40, and 7.50 contain a reflected cross-site scripting vulnerability via the usage of one SAP KW component within a web browser. id: CVE-2021-42063 info: name: SAP Knowledge Warehouse =7.5.1 to mitigate the XSS vulnerability. reference: -...

6.1CVSS6.8AI score0.22224EPSS
Exploits3References5
Nuclei
Nuclei
added 9 hours ago85 views

Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal

There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 - 4.0.56, which allows remote attackers to read files in arbitrary directories via a ; in a pathname within an HTTP request. id: CVE-2021-44138 info: name: Caucho Resin =4.0.52 =4.0.56 - Directory travers...

7.5CVSS7.5AI score0.14115EPSS
Exploits1References2
Nuclei
Nuclei
added 9 hours ago107 views

Alibaba Sentinel - Server-side request forgery (SSRF)

There is a Pre-Auth SSRF vulnerability in Alibaba Sentinel version 1.8.2, which allows remote unauthenticated attackers to perform SSRF attacks via the /registry/machine endpoint through the ip parameter. id: CVE-2021-44139 info: name: Alibaba Sentinel - Server-side request forgery SSRF author:...

7.5CVSS7.4AI score0.06485EPSS
Exploits1References1
Nuclei
Nuclei
added 9 hours ago93 views

Grafana Unauthenticated Snapshot Creation

Grafana 6.7.3 through 7.4.1 snapshot functionality can allow an unauthenticated remote attacker to trigger a Denial of Service via a remote API call if a commonly used configuration is set. id: CVE-2021-27358 info: name: Grafana Unauthenticated Snapshot Creation author: pdteam,bing0o severity: hi...

7.5CVSS7.5AI score0.83042EPSS
Exploits0References5
Nuclei
Nuclei
added 9 hours ago153 views

Pega Infinity - Authentication Bypass

Pega Infinity versions 8.2.1 through 8.5.2 contain an authentication bypass vulnerability because the password reset functionality for local accounts can be used to bypass local authentication checks. id: CVE-2021-27651 info: name: Pega Infinity - Authentication Bypass author: idealphase,daffainf...

9.8CVSS8.4AI score0.53841EPSS
Exploits1References5
Nuclei
Nuclei
added 9 hours ago21 views

KodExplorer - Cross-Site Scripting

KodExplorer is susceptible to a reflected cross-site scripting XSS vulnerability in the file view functionality.The vulnerability exists in app/template/api/view.html where user-supplied input in the 'path' parameter is directly echoed without proper sanitization.This allows attackers to inject...

6.1CVSS5.9AI score0.00705EPSS
Exploits0References2
Nuclei
Nuclei
added 9 hours ago62 views

WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting

Multiple cross-site scripting vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 title parameter to app/view/agenda-widget-form.php; 2 args, 3 title, 4 beforetitle, or 5 aftertitle parameter to...

4.3CVSS5.2AI score0.08946EPSS
Exploits2References3
Nuclei
Nuclei
added 9 hours ago111 views

Adobe ColdFusion - Cross-Site Scripting

Adobe Coldfusion versions 2016 update 16 and earlier, 2018 update 10 and earlier and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. An attacker could abuse this vulnerability to execute arbitrary JavaScript code...

5.4CVSS6.7AI score0.37095EPSS
Exploits0References5
Rows per page
Query Builder