Lucene search
K

223 matches found

Nuclei
Nuclei
added 3 days ago16 views

Drupal Core - Anonymous SQL Injection via PostgreSQL Entity Query

Drupal core from 8.9.0 before 10.4.10, 10.5.0 before 10.5.10, 10.6.0 before 10.6.9, 11.0.0 before 11.1.10, 11.2.0 before 11.2.12, and 11.3.0 before 11.3.10 contains an SQL injection caused by improper neutralization of special elements in SQL commands, letting attackers execute arbitrary SQL...

9.8CVSS7AI score0.84631EPSS
Exploits13References2
GithubExploit
GithubExploit
added 2026/06/16 5:49 p.m.70 views

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 ⚠ This tool is created solely for education...

9.8CVSS6.2AI score0.981EPSS
Exploits64
GithubExploit
GithubExploit
added 2026/05/31 9:11 a.m.88 views

Exploit for CVE-2026-8836

CVE-2026-8836 — lwIP SNMPv3 Stack Overflow PoC Proof of conce...

10CVSS7.7AI score0.01016EPSS
Exploits1
Circl
Circl
added 2026/05/20 6:0 p.m.11 views

CVE-2026-9082

creationtimestamp| type| source ---|---|--- 2026-05-20 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/drupal-remote-code-execution-vulnerability20260521 2026-05-20 18:43:04+00:00| seen|...

9.8CVSS6.1AI score0.84631EPSS
Exploits13References86
NVD
NVD
added 2026/04/22 12:16 a.m.6 views

CVE-2026-40343

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...

6.9CVSS0.09955EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/03 8:18 p.m.3 views

CVE-2026-28767 Gardyn Cloud API Missing Authentication for Critical Function

A specific administrative endpoint notifications is accessible without proper authentication...

6.9CVSS5.9AI score0.00377EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/13 4:7 p.m.2 views

CVE-2026-23940

Uncontrolled Resource Consumption vulnerability in hexpm hexpm/hexpm allows Excessive Allocation. Publishing an oversized package can cause Hex.pm to run out of memory while extracting the uploaded package tarball. This can terminate the affected application instance and result in a denial of...

7.1CVSS5.8AI score0.0044EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/13 9:45 p.m.4 views

CVE-2026-26273

Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists in Known 1.6.2 and earlier. The application leaks the password reset token within a hidden HTML input field on the password reset page. This allows any unauthenticated attacker to retrieve...

9.8CVSS5.5AI score0.00714EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/01/09 2:5 p.m.7 views

OESA-2026-1002 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

7.8CVSS7AI score0.00744EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:19 p.m.5 views

CVE-2018-10977

In 2345 Security Guard 3.7, the driver file 2345BdPcSafe.sys, X64 version allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCTL 0x002220E4...

7.8CVSS7AI score0.00413EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.7 views

PT-2025-50907

Name of the Vulnerable Software and Affected Versions PenciDesign Soledad versions n/a through 8.6.9 Description A flaw exists in PenciDesign Soledad that allows for privilege escalation. This allows subscribers to take over WordPress sites. Recommendations Update PenciDesign Soledad to a version...

6.6AI score0.00371EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2025/10/13 7:41 a.m.77 views

Exploit for CVE-2025-11171

CVE-2025-11171: Missing Authentication in Chartify WordPress Plu...

5.3CVSS7.4AI score0.00327EPSS
Exploits3
The Hacker News
The Hacker News
added 2025/10/06 11:37 a.m.10 views

Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

Oracle has released an emergency update to address a critical security flaw in its E-Business Suite software that it said has been exploited in the recent wave of Cl0p data theft attacks. The vulnerability, tracked as CVE-2025-61882 CVSS score: 9.8, concerns an unspecified bug that could allow an...

9.8CVSS8AI score0.99722EPSS
Exploits14
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-15644

Malicious code in bioql PyPI...

9CVSS8.8AI score0.04295EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-3010

Malicious code in bioql PyPI...

6.1CVSS5.6AI score0.00406EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-47891

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00545EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-41923

Malicious code in bioql PyPI...

8.8CVSS7.1AI score0.01689EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-59290

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00776EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-16768

Malicious code in bioql PyPI...

9.8CVSS7.4AI score0.01659EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-12653

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00933EPSS
Exploits1References2
Rows per page
Query Builder