Lucene search
+L

554 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.7 views

CVE-2022-31022

Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pave way for exploitation of a node’s filesystem where the bleve index resides, if the user has used bleve’s own HTTP bleve/http handlers fo...

6.2CVSS6.8AI score0.00332EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/01/08 4:45 p.m.178 views

Cross-Site-Scripting---XSS

Cross Site Scripting XSS Assignment Objective Demonstrate Cro...

5.7AI score
Exploits0
OSV
OSV
added 2026/01/07 9:16 p.m.6 views

AZL-73967 CVE-2026-22184 affecting package deltarpm 3.6.2-7

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS6AI score0.00381EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 9:16 p.m.6 views

AZL-73964 CVE-2026-22184 affecting package blosc 1.21.4-2

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS6.2AI score0.00381EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/12/30 4:13 a.m.180 views

react2shell-poc-demo

!CAUTION THIS PROJECT IS USED FOR DEMONSTRATION PURPOSES O...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/18 12:0 a.m.181 views

📄 Laravel Pulse 1.3.1 Arbitrary Code Injection

Proof of concept exploit written in PHP for Laravel Pulse version 1.3.1. This version of Laravel Pulse suffers from an arbitrary code injection vulnerability...

8.8CVSS7.7AI score0.28571EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/12/17 12:0 a.m.216 views

📄 FastAPI‑Based Delivery Server Proof of Concept

This proof of concept demonstrates how legacy ActiveX objects in Internet Explorer can be invoked automatically when a crafted HTML payload is delivered by a minimal HTTP server. The proof of concept shows automatic execution attempts using WScript.Shell and Shell.Application without additional...

7.8CVSS6.9AI score0.01523EPSS
Exploits5
GithubExploit
GithubExploit
added 2025/12/12 5:35 a.m.166 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell CVE-2025-55182 A proof-of-concept exploit demon...

10CVSS8.1AI score0.99562EPSS
Exploits376
GithubExploit
GithubExploit
added 2025/12/11 2:7 p.m.163 views

security-vulnerabilities-and-protection-measures

Security Vulnerabilities and Protection Measures Submitted...

6.9AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/10 6:10 p.m.158 views

Exploit for CVE-2025-57460

CVE-2025-57460 Des: File upload vuln...

7.4AI score0.00385EPSS
Exploits1
GithubExploit
GithubExploit
added 2025/12/08 12:58 p.m.162 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Demonstration Lab Next.js / React RSC RCE Th...

10CVSS8.1AI score0.99562EPSS
Exploits376
GithubExploit
GithubExploit
added 2025/12/06 8:45 p.m.158 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 - React Server Components Prototype Chain Vulne...

10CVSS7.7AI score0.99562EPSS
Exploits376
GithubExploit
GithubExploit
added 2025/12/04 3:13 a.m.161 views

Exploit for CVE-2025-55182

RSC Report Lab – CVE-2025-55182 React 19.2.0 Учебный стенд,...

10CVSS7.1AI score0.99562EPSS
Exploits376
Positive Technologies
Positive Technologies
added 2025/11/08 12:0 a.m.7 views

PT-2025-46142

Name of the Vulnerable Software and Affected Versions QNAP HBS 3 Hybrid Backup Sync versions prior to 26.2.0.938 Description A flaw exists in QNAP HBS 3 Hybrid Backup Sync related to incorrect path restriction for an access-limited directory. Successful exploitation by a remote attacker could lea...

7.8CVSS7.3AI score0.00203EPSS
Exploits0References11
Packet Storm News
Packet Storm News
added 2025/11/08 12:0 a.m.11 views

Cryptographic Binding Should Not Be Optional: A Formal-Methods Analysis of FIDO UAF Channel Binding

As a case study in cryptographic binding, we present a formal-methods analysis of the cryptographic channel binding mechanisms in the Fast IDentity Online FIDO Universal Authentication Framework UAF authentication protocol, which seeks to reduce the use of traditional passwords in favor of...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-10467

Malware in sbrugna...

9.8CVSS9.2AI score0.04293EPSS
Exploits1References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-5514

Malware in sbrugna...

9.3CVSS6.4AI score0.10259EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-12966

Malware in sbrugna...

6.5CVSS6.5AI score0.01157EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-0723

Malware in sbrugna...

7.5CVSS6.4AI score0.02724EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-15705

Malware in sbrugna...

7.5CVSS7.4AI score0.01456EPSS
Exploits1References2
Rows per page
Query Builder