432 matches found

Nuclei
added yesterday | 28 views

Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution

Monsta FTP <= 2.11 contains an unrestricted file upload vulnerability caused by lack of authentication on file uploads, letting unauthenticated attackers execute arbitrary code by uploading crafted files. id: CVE-2025-34299 info: name: Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution...

9.8 CVSS | 7.7 AI score | 0.72536 EPSS
Exploits: 6 | References: 3

Cvelist
added 2026/06/04 11:3 p.m. | 30 views

CVE-2026-10886

Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

0.00345 EPSS
Exploits: 0 | References: 2

GithubExploit
added 2026/05/21 11:16 a.m. | 95 views

Exploit for CVE-2026-4885

CVE-2026-4885 Piotnet Addons for Elementor Pro Note: The...

9.8 CVSS | 5.8 AI score | 0.00953 EPSS
Exploits: 2

OSV
added 2026/05/09 12:33 p.m. | 9 views

OESA-2026-2262 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

7.8 CVSS | 5.4 AI score | 0.00364 EPSS
Exploits: 1 | References: 2

The Hacker News
added 2026/04/14 10:0 a.m. | 4 views

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly 400%. The surge in AI-assisted development is creating a "velocity gap" wher...

5.9 AI score
Exploits: 0

Positive Technologies
added 2026/04/12 12:0 a.m. | 14 views

PT-2026-32225

Name of the Vulnerable Software and Affected Versions TOTOLINK A7000R versions up to 9.1.0u.6115 Description A stack-based buffer overflow exists in the setWiFiEasyGuestCfg function within the '/cgi-bin/cstecgi.cgi' file. This issue is triggered by the manipulation of the ssid5g argument, allowin...

9 CVSS | 8.5 AI score | 0.00575 EPSS
Exploits: 0 | References: 12

Github Security Blog
added 2026/03/25 5:30 p.m. | 9 views

@grackle-ai/powerline Runs Without Authentication by Default

Impact When --token is not provided and GRACKLEPOWERLINETOKEN is not set, the PowerLine gRPC server runs with zero authentication. A warning is logged "NO AUTH development only" but nothing prevents deployment in this state. Any client that can reach the PowerLine port can spawn agent sessions,...

5.9 AI score
Exploits: 0 | References: 2 | Affected Software: 1

GithubExploit
added 2026/01/25 3:7 p.m. | 362 views

Exploit for CVE-2026-1522

CVE-2026-1522 Advanced Mass Exploiter...

6 AI score | 0.00656 EPSS
Exploits: 2

RedhatCVE
added 2026/01/07 9:18 a.m. | 15 views

CVE-2025-1812

A vulnerability classified as critical has been found in zj1983 zz up to 2024-08. Affected is the function GetUserOrg of the file com/futvan/z/framework/core/SuperZ.java. The manipulation of the argument userId leads to sql injection. It is possible to launch the attack remotely. The exploit has...

8.8 CVSS | 7.2 AI score | 0.00541 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/07 9:17 a.m. | 7 views

CVE-2025-1156

A vulnerability has been found in Pix Software Vivaz 6.0.10 and classified as critical. This vulnerability affects unknown code of the file /servlet?act=login. The manipulation of the argument usuario leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...

7.5 CVSS | 7.3 AI score | 0.00376 EPSS
Exploits: 0 | References: 1

NVD
added 2025/12/11 7:15 p.m. | 8 views

CVE-2025-13780

pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1 CVSS | 0.00851 EPSS
Exploits: 1 | References: 1

OSV
added 2025/12/11 7:15 p.m. | 5 views

CVE-2025-13780

pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

8.8 CVSS | 7.7 AI score
Exploits: 0 | References: 1

GithubExploit
added 2025/11/20 1:45 a.m. | 214 views

Exploit for Missing Authentication for Critical Function in Langflow

CVE-2025-3248: Langflow Unauthenticated RCE Vulnerability Scan...

9.8 CVSS | 9.1 AI score | 0.99968 EPSS
Exploits: 33

Vulnrichment
added 2025/10/10 10:25 p.m. | 2 views

CVE-2025-9552 Synchronize composer.json With Contrib Modules - Critical - Unsupported - SA-CONTRIB-2025-102

Vulnerability in Drupal Synchronize composer.Json With Contrib Modules. This issue affects Synchronize composer.Json With Contrib Modules:...

6.5 AI score | 0.00229 EPSS
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2017-0918

Malware in sbrugna...

9.3 CVSS | 7.9 AI score | 0.04245 EPSS
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2015-1038

Malware in sbrugna...

9.8 CVSS | 6 AI score | 0.00657 EPSS
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2014-1175

Malware in sbrugna...

8.8 CVSS | 8.6 AI score | 0.03412 EPSS
Exploits: 1 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2006-4076

Malware in sbrugna...

10 CVSS | 6.4 AI score | 0.01399 EPSS
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-47538

Malicious code in bioql PyPI...

9.8 CVSS | 6.6 AI score | 0.00676 EPSS
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-14982

Malicious code in bioql PyPI...

6.9 CVSS | 5.5 AI score | 0.00923 EPSS
Exploits: 1 | References: 5