Lucene search
K

584 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fixed a NULLptrderef issue in ishtpbusremoveallclients. During a warm reset process, the cl-device pointer may become NULL if the reset occurs while clients are still being enumerated. Accessing...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: An alert is added in trytofreebuffers for folios without buffers. trytofreebuffers can be called on folios with no buffers attached when filemapreleasefolio is invoked on a folio that belongs to a mapping, and...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 4:37 p.m.10 views

GHSA-WFPW-MMFH-QQ69 Nokogiri: Possible Use-After-Free in XInclude Processing

Summary XInclude substitution performed by Nokogiri::XML::Nodedoxinclude replaced each in place, freeing the include node along with its children such as and its descendants and any namespaces declared on them. If an application had already exposed one of those nodes or namespaces to Ruby, the...

6.6CVSS5.8AI score0.00093EPSS
Exploits0References2
ICS
ICS
added 2026/06/18 6:0 a.m.13 views

AzeoTech DAQFactory (Update A)

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to upload malicious .ctl files that may lead to arbitrary code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...

8.4CVSS6.2AI score0.00148EPSS
Exploits0References11
GithubExploit
GithubExploit
added 2026/06/16 7:39 a.m.76 views

Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin

CVE-2026-54420 Mitigation Toolkit !Licensehttps://img.shie...

8.5CVSS5.8AI score0.01261EPSS
Exploits3
GithubExploit
GithubExploit
added 2026/06/14 12:28 a.m.147 views

Exploit for Unchecked Input for Loop Condition in Isc Bind

CVE-2026-5950 - BIND 9 Resolver DoS Research notes and defens...

5.3CVSS5.3AI score0.00551EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/06/12 11:53 p.m.83 views

kiro-cybersecurity-skills

CyberSecurity Skills A collection of 15 security workflows co...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.9 views

Palo Alto GlobalProtect TLS Posture Scanner

This Metasploit auxiliary module is structured as a defensive assessment tool focused on TLS posture analysis and service identification for GlobalProtect deployments...

5.3AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/11 4:28 p.m.86 views

Exploit for Use After Free in Linux Linux_Kernel

CVE-2026-23111 nftables LPE: exposure check and safe lab Def...

7.8CVSS5.9AI score0.00344EPSS
Exploits7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:32 p.m.12 views

Malicious code in getd-eslint-rules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17328047b2ec8dce82cfbdfd5b16c8f862d51dca26b02c9801587c220a48975a On npm install, postinstall.js collects host identifiers os.hostname, os.userInfo username, os.platform, current working directory, CI environment...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:29 p.m.16 views

Malicious code in getd-typescript-eslint-rules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector caed4b0db34232c4ef920817b6087cee9ac0610ec4ec2e49edbb5f167342f42f On npm install, the postinstall.js script collects the installer's hostname, OS username, platform, current working directory, CI environment markers...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/09 8:29 p.m.12 views

MAL-2026-5470 Malicious code in getd-typescript-eslint-rules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector caed4b0db34232c4ef920817b6087cee9ac0610ec4ec2e49edbb5f167342f42f On npm install, the postinstall.js script collects the installer's hostname, OS username, platform, current working directory, CI environment markers...

6.1AI score
Exploits0References2
Packet Storm
Packet Storm
added 2026/06/09 12:0 a.m.71 views

📄 Python-Multipart Path Traversal

This code bundle contains two separate components related to the path traversal vulnerability affecting Python-Multipart versions prior to 0.0.22. ================================================================================================================================== | Title :...

8.6CVSS6.5AI score0.02228EPSS
Exploits5
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.17 views

ProjeQtor 12.4.3 SQL Injection Validator for Login Endpoints

This Python script is a defensive validation tool designed to identify potential SQL injection indicators in login functionality without modifying database contents or attempting exploitation...

5.6AI score
Exploits0
ICS
ICS
added 2026/06/04 6:0 a.m.15 views

NAVTOR NavBox

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow a local attacker to gain unauthorized access to SOAP methods, resulting in a disruption of operations. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

6.3CVSS5.3AI score0.00122EPSS
Exploits0References13
Packet Storm News
Packet Storm News
added 2026/06/04 12:0 a.m.12 views

Next.js Concurrent Version Exposure / Vulnerability Audit Tool

This Python script is a lightweight defensive auditing utility designed to identify websites running Next.js and determine whether their detected version falls within predefined potentially vulnerable version ranges...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/03 12:0 a.m.9 views

MCPJam Inspector 1.4.2 Defensive API Security Assessment Tool

This Python-based defensive auditing tool evaluates the exposure and security posture of MCP-related API endpoints in a controlled and authorized environment. It is designed to assist security teams in identifying insecure API configurations, exposed execution interfaces, and potential operationa...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/02 6:42 a.m.103 views

Exploit for Out-of-bounds Write in Linux Linux_Kernel

Fragnesia CVE-2026-46300 - Defensive Study Toolkit A self-c...

7.8CVSS5.8AI score0.03663EPSS
Exploits11
OSV
OSV
added 2026/06/01 4:4 p.m.2 views

CVE-2026-44740 go-billy: Lack of depth and cycle detection in symlink resolution may lead to infinite loops and resource exhaustion

Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loops, uncontrolled recursion, or excessive resource consumption. These issues arise from insufficien...

6.5CVSS5.9AI score0.00295EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/05/30 12:26 a.m.134 views

Exploit for CVE-2025-66478

CVE-2025-66478-Research-Proof-of-Concept Overview This re...

7.5AI score
Exploits111
Rows per page
Query Builder