Lucene search
K

544073 matches found

GithubExploit
GithubExploit
added 49 minutes ago3 views

Exploit for CVE-2026-58635

CVE-2026-58635: Windows Narrator Braille Local Privilege Escal...

7.8CVSS6.3AI score
Exploits1
BDU FSTEC
BDU FSTEC
added 2 hours ago23 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS7.2AI score0.00709EPSS
Exploits1References11Affected Software9
BDU FSTEC
BDU FSTEC
added 2 hours ago28 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7AI score0.00385EPSS
Exploits0References11Affected Software9
BDU FSTEC
BDU FSTEC
added 2 hours ago10 views

The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems allows a hacker to cause a service failure.

The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems is related to incorrect resource management. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6AI score0.00127EPSS
Exploits0References6Affected Software4
ATTACKERKB
ATTACKERKB
added 2 hours ago6 views

CVE-2026-59236

Authorization Bypass Through User-Controlled Key CWE-639 in the Excel import handlers CustomerImport, LeadImport, ProductImport in Roskus Prospero Flow CRM before 5.14.0 allows a remote, authenticated user of any role or company to create customer, lead, and product records inside another company...

6.9CVSS6.1AI score
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 3 hours ago5 views

CVE-2026-59235

Missing Authorization CWE-862 in BankAccountListController app/Http/Controllers/Api/BankAccount/BankAccountListController.php, exposed at GET /api/bank-account, in Prospero Flow CRM companyid-get, performing only company scoping and no role or permission check before returning the data. This...

8.7CVSS6.2AI score
Exploits0References4Affected Software1
GithubExploit
GithubExploit
added 3 hours ago5 views

Exploit for Missing Authentication for Critical Function in Estrongs Es_File_Explorer_File_Manager

CVE-2019-6447: ES File Explorer Unauthenticated HTTP Service...

8.1CVSS7AI score0.6202EPSS
Exploits9
ATTACKERKB
ATTACKERKB
added 3 hours ago3 views

CVE-2026-8281

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 hours ago3 views

CVE-2026-40633

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.7, versions 9.11.0.0 through 9.13.0.2 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure...

7.8CVSS6.1AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 3 hours ago2 views

CVE-2026-49501

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.7, and versions 9.11.0.0 through 9.13.0.2 contains an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

6.7CVSS6.1AI score
Exploits0References2
GithubExploit
GithubExploit
added 3 hours ago8 views

Exploit for Use After Free in Linux Linux_Kernel

CVE-2026-43499 for popsicle This repository contains the CV...

7.8CVSS6.7AI score0.00125EPSS
Exploits17
GithubExploit
GithubExploit
added 4 hours ago11 views

Exploit for Improper Authentication in Google Android

BT-HID-PoC — CVE-2023-45866 Interactive Wizard DISCLAIMER...

6.3CVSS6.8AI score0.07879EPSS
Exploits9
ATTACKERKB
ATTACKERKB
added 4 hours ago3 views

CVE-2026-57821

A SQL Injection vulnerability exists in Apache Fineract's Office Search API GET /api/v1/offices in versions up to and including 1.14.0. The orderBy request parameter is concatenated into a SQL query without sufficient validation, allowing an authenticated user with permission to view offices to...

6.1AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 4 hours ago2 views

CVE-2026-35152

A SQL Injection vulnerability exists in Apache Fineract's Report Execution API runreports endpoint in versions up to and including 1.14.0. Report parameter values are incorporated into the generated SQL query without sufficient validation, allowing an authenticated user with permission to run...

6.2AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 4 hours ago2 views

CVE-2026-56287

A boolean-based SQL Injection vulnerability exists in Apache Fineract's Client Search API GET /api/v1/clients in versions up to and including 1.14.0. The orderBy and sortOrder request parameters are concatenated into a SQL query without sufficient validation, allowing an authenticated user with...

6.1AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 hours ago1 views

CVE-2026-58077

The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS. A specially crafted unauthenticated request may result in website takeover under some circumstances...

8.7CVSS6.1AI score
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 4 hours ago3 views

CVE-2026-57833

The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS in relation to the AI analysis feature...

8.6CVSS6.1AI score
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 5 hours ago5 views

CVE-2026-57832

The Joomla extension EDocman is vulnerable to an unauthenticated SQL injection...

8.7CVSS6.1AI score
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 5 hours ago4 views

CVE-2026-57831

The Joomla extension DP Calendar is vulnerable to an unauthenticated SQL injection...

8.7CVSS6.1AI score
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 5 hours ago13 views

Exploit for Deserialization of Untrusted Data in Metabase

CVE-2026-59827 — Unsafe Deserialization of H2 Query Results in...

9.9CVSS6.8AI score0.00457EPSS
Exploits1
Rows per page
Query Builder