Lucene search
K

648435 matches found

RedHat Linux
RedHat Linux
added 15 minutes ago2 views

nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers

A flaw was found in NGINX. When NGINX is configured to proxy HTTP/2 traffic using the ngxhttpproxyv2module or ngxhttpgrpcmodule with specific settings, a remote, unauthenticated attacker can send specially crafted large headers. This can trigger a heap-based buffer overflow, leading to a restart ...

9.2CVSS0.02838EPSS
Exploits1References5
GithubExploit
GithubExploit
added 26 minutes ago1 views

windows7-eternalblue-lab

MS17-010 EternalBlue Exploitation Lab Hands-on penetration t...

9.3CVSS0.93307EPSS
Exploits47
NVD
NVD
added 4 hours ago4 views

CVE-2026-14495

The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologin\s::rrand seeds the Mersenne Twister with mtsranddouble microtime 1000000 — discarding the integer-second...

8.8CVSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 5 hours ago3 views

CVE-2026-14495

The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologin\s::rrand seeds the Mersenne Twister with mtsranddouble microtime 1000000 — discarding the integer-second...

8.8CVSS5.9AI score
Exploits0References6
EUVD
EUVD
added 5 hours ago5 views

EUVD-2026-42167

The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologin\s::rrand seeds the Mersenne Twister with mtsranddouble microtime 1000000 — discarding the integer-second...

8.8CVSS5.9AI score
Exploits0References5
CVE
CVE
added 5 hours ago9 views

CVE-2026-14495

CVE-2026-14495 affects DoLogin Security for WordPress up to version 4.3. The issue is an authentication bypass caused by insufficient randomness in the dologin token: the PRNG is seeded with mt_srand((double) microtime() * 1000000), discarding the integer-seconds and giving ~10^6 seeds (~20 bits ...

8.8CVSS5.9AI score
Exploits0References5
Cvelist
Cvelist
added 5 hours ago11 views

CVE-2026-14495 DoLogin Security <= 4.3 - Unauthenticated Authentication Bypass via Insufficient Randomness via 'dologin' Parameter Weak PRNG Token

The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologin\s::rrand seeds the Mersenne Twister with mtsranddouble microtime 1000000 — discarding the integer-second...

8.8CVSS
Exploits0References5
OSV
OSV
added 5 hours ago0 views

DEBIAN-CVE-2026-55645

Bulletin has no description...

Exploits0References1
GithubExploit
GithubExploit
added 6 hours ago21 views

Exploit for Unrestricted Upload of File with Dangerous Type in Joomlack Page_Builder_Ck

CVE-2026-56290 - Compagebuilderck Mass Exploit ⚠️ Disclai...

10CVSS6.1AI score0.00356EPSS
Exploits3
OSV
OSV
added 9 hours ago0 views

DEBIAN-CVE-2026-59997

internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection...

4.2CVSS
Exploits0References1
Fedora
Fedora
added 9 hours ago3 views

[SECURITY] Fedora 43 Update: python-rignore-0.7.6-7.fc43

rignore is a Python module that provides a high-performance, Rust-powered file system traversal functionality. It wraps the Rust ignore crate using PyO3, offering an efficient way to walk through directories while respecting various ignore rules...

6AI score
Exploits0
Fedora
Fedora
added 9 hours ago3 views

[SECURITY] Fedora 43 Update: python-fastar-0.11.0-7.fc43

The fastar library wraps the Rust tar, flate2, and zstd crates, providing a high-performance way to work with compressed and uncompressed tar archives in Python...

6AI score
Exploits0
Fedora
Fedora
added 9 hours ago3 views

[SECURITY] Fedora 44 Update: python-rignore-0.7.6-7.fc44

rignore is a Python module that provides a high-performance, Rust-powered file system traversal functionality. It wraps the Rust ignore crate using PyO3, offering an efficient way to walk through directories while respecting various ignore rules...

6AI score
Exploits0
Fedora
Fedora
added 9 hours ago3 views

[SECURITY] Fedora 44 Update: python-fastar-0.11.0-7.fc44

The fastar library wraps the Rust tar, flate2, and zstd crates, providing a high-performance way to work with compressed and uncompressed tar archives in Python...

6AI score
Exploits0
GithubExploit
GithubExploit
added 10 hours ago22 views

Exploit for CVE-2026-49777

!AMN SECURITYhttps://img.shields.io/badge/AMN-SECURITY-000000...

10CVSS6.2AI score0.01656EPSS
Exploits3
GithubExploit
GithubExploit
added 10 hours ago22 views

Exploit for CVE-2026-8206

🛡️ AMN SECURITY 🛡️ !CVE-2026-8206https://img.shields.io/ba...

9.8CVSS5.9AI score0.0126EPSS
Exploits5
Positive Technologies
Positive Technologies
added 10 hours ago8 views

PT-2026-56322

The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologins::rrand seeds the Mersenne Twister with mt sranddouble microtime 1000000 — discarding the integer-second...

8.8CVSS5.9AI score
Exploits0References6
BDU FSTEC
BDU FSTEC
added yesterday10 views

The vulnerabilities in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel allow a hacker to cause a service failure.

The vulnerability in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

7CVSS6.1AI score0.00121EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
added yesterday3 views

Flask-Security-Too: WebAuthn reauthentication freshness bypass via cross-user assertion

Summary Flask-Security-Too 5.8.0 and 5.8.1 mark a session as reauthentication-fresh after processing a WebAuthn assertion whose proven credential belongs to a different user than the currently authenticated session user. The check that GHSA-97r5-pg8x-p63p added on the OAuth reauthentication path...

6AI score
Exploits0References2Affected Software1
OSV
OSV
added yesterday3 views

GHSA-F66Q-9RF6-8795 Flask-Security-Too: WebAuthn reauthentication freshness bypass via cross-user assertion

Summary Flask-Security-Too 5.8.0 and 5.8.1 mark a session as reauthentication-fresh after processing a WebAuthn assertion whose proven credential belongs to a different user than the currently authenticated session user. The check that GHSA-97r5-pg8x-p63p added on the OAuth reauthentication path...

5.3CVSS6AI score
Exploits0References2
Rows per page
Query Builder