21 matches found
claude-security-scanner
🇨🇳 ⚡ bash git clone https://github.com/290298661...
cve-deep-dives
CVE Deep-Dives In-depth technical analyses of significant v...
Oracle Critical Patch Update Advisory - January 2026
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...
CVE-2024-14001
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
EUVD-2024-55045
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2024-14001
Nagios XI prior to 2024R1.1.3 is vulnerable to cross-site scripting (XSS) via the Executive Summary Report component. The root cause is insufficient validation or escaping of user-supplied input in that component, allowing an attacker to inject and execute arbitrary script in a victim’s browser. ...
CVE-2024-14001 Nagios XI < 2024R1.1.3 XSS via Executive Summary Report
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
Nagios XI Security Vulnerability
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.1.3 that stems from insufficient...
PT-2025-44558
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 2024R1.1.3. Description: Nagios XI is susceptible to cross-site scripting (XSS) through the Executive Summary Report component. A lack of proper input validation or escaping could allow an attacker to inject and execute...
PT-2025-39340
CVE-2025-00456 UNDER DEVELOPMENT - USE AT YOUR OWN RISK!!! Enhanced Incident Summary Report Executive Summary On September 18, 2025, a medium-severity incident Risk Score https://t.co/DGZmVvA9zF...
Imperva Snapshot™ Scan: What You Can Find in the Report
Imperva Snapshot is a free AWS RDS security assessment tool. You can use this tool to gain in-depth visibility into your data and get a deep understanding about what data resides in your RDS and where your RDS database security gaps are. Acquiring this intelligence is a key element and critical...
What’s New in InsightVM: Q2 2021 in Review
The world is changing rapidly. We hear that phrase a lot. Throughout Q2 though, it really is true. Vaccines have been rolling out, to varying success depending on the part of the world, but there is optimism. As Rapid7 offices begin to open up to our hard-working team members around the globe, we...
Rapid7 Announces General Availability for Scoped Executive Summary Report in InsightVM
Security teams often struggle to demonstrate the efficacy and progress of their organization’s vulnerability and remediation management program. This is a result of the complexity around identifying, collecting, and visualizing complicated metrics. InsightVM’s Executive Summary Report has proved ...
Siemens Nucleus Products IPv6 Stack
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens --------- Begin Update A Part 1 of 3 --------- Equipment: Capital VSTAR, Nucleus NET, Nucleus ReadyStart v3, Nucleus ReadyStart v4, Nucleus Source Code --------- End Update A Part 1 of 3...
RapidScan - The Multi-Tool Web Vulnerability Scanner
Evolution: It is quite a fuss for a pentester to perform binge-tool-scanning running security scanning tools one after the other sans automation. Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this program...
ICSA-18-345-01 McAfee SINAMICS PERFECT HARMONY GH180
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: McAfee Equipment: SINAMICS PERFECT HARMONY GH180 Vulnerability: Improper Access Control 2. RISK EVALUATION These files can be executed to compromise the HMI, and by extension, the drive system. 3. TECHNICAL DETAILS...
Blackhat 2014 Arsenal Experience
Last week at Blackhat Arsenal 2014, Pete and I @willis presented on Serpico. Arsenal was a great experience and I would highly recommend to anyone as an attendee or presenter. We got some great feedback on the project, so thank you to anyone who stopped by. Here were the top 3 feature requests an...
The PCI DSS Cloud Computing Guidelines: An Executive Summary
The PCI SSC and its Cloud Special Interest Group has released its Cloud Computing Guidelines after a year of collaboration and input from SIG members. Coalfire was a big contributor to this document, and we think it is required reading for anyone who has front-line responsibility for managing...