14 matches found
Vulnerability-Scanner-using-Ollama-3-
Vulnerability Scanning & Exploitation Toolkit A Python-based...
30-week-binary-exploitation-cve-program-generated-by-AI
30-Week Binary Exploitation & CVE Analysis Program for Embed...
EUVD-2007-0383
Malware in sbrugna...
Exploit for Out-of-bounds Write in F5 Nginx
Disclosures: Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts. URL: https://github.com/badd1e/Disclosures List: CVE-2009-2629: nginx http module Buffer Underflow Remote Code Execution Vulnerability. Patch analysis, testcase, notes. CVE-2013-0007: Microsoft XML Core...
CVE-2025-31492
A flaw was found in mod_auth_openidc, an OpenID Connect authentication module for Apache HTTP Server. This vulnerability allows unauthenticated users to access protected content via crafted HTTP POST requests to protected resources when no application-level gateway is present. Mitigation Mitigation...
CVE-2025-21945
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2_lock. If smb_lock->zero_len has value, ->llist of smb_lock is not delete and flock is old one. It will cause use-after-free on error handling routine...
On November 13, NIST NVD finally admitted the obvious: they had failed to process the CVE analysis backlog before the end of the fiscal year (September 30)
On November 13, NIST NVD finally admitted the obvious: they had failed to process the CVE analysis backlog before the end of the fiscal year (September 30). This is actually visible in their own statistics. At the moment, there are 19860 identifiers in the backlog. This week, 1136 new CVEs were...
Vulristics Command Line Interface, improved Product & Vuln. Type Detections and Microsoft Patch Tuesday November 2021
Hello everyone! In this episode I want to highlight the latest changes in my Vulristics project. For those who don't know, this is a utility for prioritizing CVE vulnerabilities based on data from various sources. Currently Microsoft, NVD, Vulners, AttackerKB. Command Line Interface I started...
Introducing the 2020 Vulnerability Intelligence Report: 50 CVEs that Made Headlines in 2020
2020 was a tumultuous year for vulnerability risk management. Defenders had to contend with a growing volume of high-priority security threats, many of them in internet-facing technologies deployed to enable and secure a suddenly remote workforce. New communications from the U.S. National Securit...
Vulristics: Beyond Microsoft Patch Tuesdays, Analyzing Arbitrary CVEs
Hello everyone! In this episode I would like to share an update for my Vulristics project. For those who don't know, in this project I am working on an alternative vulnerability scoring based on publicly available data to highlight vulnerabilities that need to be fixed as soon as possible. Roughly...
CVE-2013-4558
CVE-2013-4558 affects Subversion’s mod_dav_svn in Apache HTTPD when built with assertions and SVNAutoversioning enabled, allowing remote DoS via a non-canonical URL (trailing /). Affected versions: Subversion 1.7.11–1.7.13 and 1.8.1–1.8.4. Root cause: assertion triggered by non-canonical requests...
Sql injection
Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: CVE analysis suggests that the vendor fixed these issues...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in OpenPinboard 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the language parameter. NOTE: this issue has been disputed by the developer and a third party, since the variable is set before use. CVE analysis suggests th...
CVE-2006-3850
Vanilla CMS 1.0.1 and earlier contains a remote file inclusion vulnerability in upgrader.php when /conf/old_settings.php exists. An attacker can dereference a URL in the RootDirectory parameter to execute arbitrary PHP code. The issue has been disputed for version 1.0 (some sources state the Root...