Lucene search
K

345 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/29 7:10 p.m.12 views

Malicious code in ect-987654-ctf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6f07a32f7f265a234c3b4e84eda91976ba6cdb73f979ef22104a70af28bf4a0 The package ect-987654-ctf was found to contain malicious code. Source: ossf-package-analysis...

7.1AI score
Exploits0
OSV
OSV
added 2025/10/29 7:10 p.m.4 views

MAL-2025-48953 Malicious code in ect-987654-ctf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6f07a32f7f265a234c3b4e84eda91976ba6cdb73f979ef22104a70af28bf4a0 The package ect-987654-ctf was found to contain malicious code. Source: ossf-package-analysis...

7.1AI score
Exploits0
GithubExploit
GithubExploit
added 2025/10/26 9:24 a.m.53 views

writeups

Hi there! This is a repo containing some of my security writeup...

6.5CVSS5.8AI score0.0031EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/10/20 12:0 a.m.21 views

Cybersecurity AI: Evaluating Agentic Cybersecurity in Attack/Defense CTFs

We empirically evaluate whether AI systems are more effective at attacking or defending in cybersecurity. Using CAI Cybersecurity AI's parallel execution framework, we deployed autonomous agents in 23 Attack/Defense CTF battlegrounds. Statistical analysis reveals defensive agents achieve 54.3%...

6.9AI score
Exploits0
OSV
OSV
added 2025/10/18 5:38 a.m.4 views

MAL-2025-48511 Malicious code in test-postinstall-package-for-ctf-nfrejnfvjenjner (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2025/10/04 7:39 p.m.477 views

Exploit for CVE-2025-39946

README This is an exploit for CVE-2025-39946. It...

6.9AI score0.08942EPSS
Exploits1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-52728

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00588EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-51701

Malicious code in bioql PyPI...

6.8CVSS6.7AI score0.00237EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2025/10/01 9:53 a.m.221 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

🛡️ pwnkit-helper - Elevate Your Hacking Skills Safely !Down...

7.8CVSS7.1AI score0.94921EPSS
Exploits152
RedhatCVE
RedhatCVE
added 2025/09/29 9:47 p.m.9 views

CVE-2025-59932

Flag Forge is a Capture The Flag CTF platform. From versions 2.0.0 to before 2.3.1, the /api/resources endpoint previously allowed POST and DELETE requests without proper authentication or authorization. This could have enabled unauthorized users to create, modify, or delete resources on the...

8.6CVSS6.9AI score0.00346EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/27 12:51 a.m.7 views

CVE-2025-59932 FlagForgeCTF Unauthenticated Resource Modification/Deletion

Flag Forge is a Capture The Flag CTF platform. From versions 2.0.0 to before 2.3.1, the /api/resources endpoint previously allowed POST and DELETE requests without proper authentication or authorization. This could have enabled unauthorized users to create, modify, or delete resources on the...

8.6CVSS6.5AI score0.00346EPSS
Exploits0References1
CVE
CVE
added 2025/09/27 12:51 a.m.23 views

CVE-2025-59932

Summary: CVE-2025-59932 affects Flag Forge (FlagForgeCTF). From versions 2.0.0 up to before 2.3.1, the /api/resources endpoint allowed POST and DELETE requests without proper authentication or authorization, enabling unauthorized users to create, modify, or delete resources. The issue has been fi...

8.6CVSS6.5AI score0.00346EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/09/26 4:3 p.m.10 views

CVE-2025-59843 FlagForgeCTF Exposes User Emails via Public /api/user/[username] API

Flag Forge is a Capture The Flag CTF platform. From versions 2.0.0 to before 2.3.2, the public endpoint /api/user/username returns user email addresses in its JSON response. The fix, intended for release in 2.3.1 but only available starting in version 2.3.2, removes email addresses from public AP...

6.9CVSS0.00389EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/25 8:49 p.m.15 views

CVE-2025-59833

Flag Forge is a Capture The Flag CTF platform. In versions from 2.1.0 to before 2.3.0, the API endpoint GET /api/problems/:id returns challenge hints in plaintext within the question object, regardless of whether the user has unlocked them via point deduction. Users can view all hints for free,...

7.5CVSS6.7AI score0.00323EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/23 8:26 p.m.2 views

CVE-2025-59826 FlagForgeCTF Vulnerable to Unauthorized Problem Creation

Flag Forge is a Capture The Flag CTF platform. In version 2.1.0, non-admin users can create arbitrary challenges, potentially introducing malicious, incorrect, or misleading content. This issue has been patched in version 2.2.0...

7.6CVSS6.6AI score0.00215EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/09/17 7:22 a.m.356 views

Exploit for CVE-2024-58239

CVE-2024-58239 mitigation exploit This is my first 1-day expl...

5.5CVSS6.9AI score0.00175EPSS
Exploits2
Gitee
Gitee
added 2025/09/13 5:43 p.m.85 views

pwntools

This is a CTF framework and exploit development library. It is a Python library for exploit development and reverse engineering. The library provides a set of tools for creating and executing exploits, as well as for analyzing and debugging binary files. The library is designed to be extensible a...

7AI score
Exploits0
Gitee
Gitee
added 2025/09/13 5:2 a.m.123 views

Zeratool

This repository, Zeratool, is an automatic exploit generation tool for exploitable CTF Capture The Flag problems. It uses the angr concolic analysis engine to analyze binaries and identify vulnerabilities, and then weaponizes these vulnerabilities for remote code execution through pwntools. The...

8.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/28 7:10 a.m.7 views

Malicious code in ctf-q21-empire-tmp-test125 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/08/28 7:10 a.m.4 views

MAL-2025-41656 Malicious code in ctf-q21-empire-tmp-test125 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Rows per page
Query Builder