Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2058 matches found

Packet Storm
Packet Stormadded 2025/04/18 12:0 a.m.322 views

📄 Tatsu 3.3.11 Remote Code Execution

Tatsu versions 3.3.11 and below pre-authentication proof of concept remote code execution exploit. !/usr/bin/python3 coding: utf-8 Exploit Title:Tatsu = 3.3.11 pre-auth RCE exploit Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H:...

8.1CVSS8.4AI score0.90975EPSS
Exploits9
Exploit DB
Exploit DBadded 2025/04/18 12:0 a.m.253 views

Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation

Exploit Title: Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation Date: 16 December, 2024 Exploit Author: Jun Takemura Author's GitHub: https://github.com/JunTakemura Author's Blog: juntakemura.dev Vendor Homepage: https://themehunk.com Software Link:...

9.8CVSS7.4AI score0.9188EPSS
Exploits5
GithubExploit
GithubExploitadded 2025/04/16 6:24 p.m.226 views

Exploit for CVE-2025-26244

CVE-2025-26244-POC The code to exploit this vulnerability can...

6.3AI score
Exploits1
GithubExploit
GithubExploitadded 2025/04/16 10:28 a.m.225 views

Exploit for CVE-2025-29927

CVE-2025-29927 - Next.js Middleware Authorization Bypass PoC...

9.1CVSS7.2AI score0.92118EPSS
Exploits55
GithubExploit
GithubExploitadded 2025/04/15 4:57 a.m.373 views

Exploit for SQL Injection in Glpi-Project Glpi

Exploit-CVE-2025-24799 CVE-2025-24799 Exploit: GLPI - Unauthen...

9.8CVSS6.3AI score0.28839EPSS
Exploits5
Packet Storm
Packet Stormadded 2025/04/15 12:0 a.m.224 views

📄 Cacti 1.2.26 Remote Code Execution

Cacti version 1.2.26 proof of concept remote code execution exploit. Exploit Title: Cacti 1.2.26 - Remote Code Execution RCE Authenticated Date: 06/01/2025 Exploit Author: D3Ext Vendor Homepage: https://cacti.net/ Software Link: https://github.com/Cacti/cacti/archive/refs/tags/release/1.2.26.zip...

9.1CVSS9.8AI score0.8819EPSS
Exploits17
Packet Storm
Packet Stormadded 2025/04/15 12:0 a.m.217 views

📄 Pymatgen 2024.1 Remote Code Execution

Pymatgen version 2024.1 suffers from a remote code execution vulnerability. Exploit Title : Pymatgen 2024.1 - Remote Code Execution RCE Google Dork : not applicable Date : 2024-11-13 Exploit Author : Mohammed Idrees Banyamer Vendor Homepage : https ://pymatgen.org Software Link : https ://pypi.or...

9.3CVSS9.5AI score0.54892EPSS
Exploits8
Exploit DB
Exploit DBadded 2025/04/14 12:0 a.m.242 views

GestioIP 3.5.7 - Remote Command Execution (RCE)

Exploit Title: GestioIP 3.5.7 - Remote Command Execution RCE Exploit Author: m4xth0r Maximiliano Belino Author website: https://maxibelino.github.io/ Author email max.cybersecurity at belino.com GitHub disclosure link: https://github.com/maxibelino/CVEs/tree/main/CVE-2024-48760 Date: 2025-01-13...

9.8CVSS7.1AI score0.60972EPSS
Exploits5
Exploit DB
Exploit DBadded 2025/04/11 12:0 a.m.171 views

flatCore 1.5 - Cross Site Request Forgery (CSRF)

Exploit Title: flatCore 1.5 - Cross Site Request Forgery CSRF Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/flatCore/flatCore-CMS Software Link: https://github.com/flatCore/flatCore-CMS Version: d3a5168 Tested on: Ubuntu Windows CVE : CVE-2019-13961 PoC: CSRF PoC...

8.8CVSS8.9AI score0.00484EPSS
Exploits4
GithubExploit
GithubExploitadded 2025/04/10 2:4 p.m.365 views

Exploit for Code Injection in Langflow

CVE-2025-3248-POC POC of CVE-2025-...

9.8CVSS9.9AI score0.92665EPSS
Exploits33
Exploit DB
Exploit DBadded 2025/04/09 12:0 a.m.281 views

Artica Proxy 4.50 - Remote Code Execution (RCE)

Exploit Title: Artica Proxy 4.50 - Remote Code Execution RCE Date: 23-04-2024 Exploit Author: Madan Vendor Homepage: https://artica-proxy.com/ Version: 4.40, 4.50 Tested on: relevant os CVE : CVE-2024-2054 you can also find the exploit on my github repo: https://github.com/Madan301/CVE-2024-2054...

9.8CVSS9.6AI score0.87774EPSS
Exploits9
Packet Storm
Packet Stormadded 2025/04/08 12:0 a.m.226 views

📄 Nagios Xi 5.6.6 Remote Code Execution

Nagios Xi version 5.6.6 proof of concept authenticated remote code execution exploit. Exploit Title: Nagiosxi authenticated Remote Code Execution Date: 17/02/2024 Exploit Author: Calil Khalil Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Version: Nagios Xi 5.6.6 Tested on: Ubuntu CV...

9CVSS9AI score0.86916EPSS
Exploits13
Packet Storm
Packet Stormadded 2025/04/07 12:0 a.m.309 views

📄 Apache Tomcat Remote Code Execution

Apache Tomcat has a path equivalence remote code execution vulnerability. Versions prior to 11.0.3, 10.1.35, and 9.0.98 are affected. Exploit Title: Apache Tomcat Path Equivalence - Remote Code Execution Exploit Author: Al Baradi Joy CVE: CVE-2025-24813 Date: 2025-04-06 Vendor Homepage:...

9.8CVSS9.5AI score0.9413EPSS
Exploits44
Exploit DB
Exploit DBadded 2025/04/05 12:0 a.m.354 views

Next.js Middleware 15.2.2 - Authorization Bypass

Exploit Title: Next.js Middleware Bypass Vulnerability CVE-2025-29927 Date: 2025-03-26 Exploit Author: kOaDT Vendor Homepage: https://nextjs.org/ Software Link: https://github.com/vercel/next.js Version: 13.0.0 - 13.5.8 / 14.0.0 - 14.2.24 / 15.0.0 - 15.2.2 / 11.1.4 - 12.3.4 Tested on: Ubuntu...

9.1CVSS7.4AI score0.92118EPSS
Exploits55
GithubExploit
GithubExploitadded 2025/04/04 8:45 a.m.201 views

Exploit for Deserialization of Untrusted Data in Apache Parquet_Java

CVE-2025-30065 Proof of Concept - Apache Parquet RCE FOR EDUC...

10CVSS9.2AI score0.00378EPSS
Exploits9
Packet Storm
Packet Stormadded 2025/04/03 12:0 a.m.295 views

📄 Usermin 2.100 Username Enumeration

Usermin versions 2.100 and below suffer from a username enumeration vulnerability. Exploit Title: Usermin 2.100 - Username Enumeration Date: 10.02.2024 Exploit Author: Kjesper Vendor Homepage: https://www.webmin.com/usermin.html Software Link: https://github.com/webmin/usermin Version: = 2.100...

5.3CVSS6.7AI score0.13166EPSS
Exploits5
CNNVD
CNNVDadded 2025/03/31 12:0 a.m.3 views

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed for Mac computers by Apple USA. A security vulnerability exists in Apple macOS Sequoia, which stems from insufficient removal of exploit code and could lead to obtaining root privileges...

7.8CVSS6.5AI score0.00042EPSS
Exploits0References2
GithubExploit
GithubExploitadded 2025/03/26 7:6 p.m.191 views

Exploit for CVE-2025-30208

No proxy scanning pyth...

5.3CVSS6.7AI score0.89847EPSS
Exploits27
Packet Storm
Packet Stormadded 2025/03/24 12:0 a.m.129 views

TranzAxis 3.2.41.10.26 Cross Site Scripting

TranzAxis version 3.2.41.10.26 suffers from a persistent cross site scripting vulnerability. Exploit Title: TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting XSS Authenticated Date: 10th, March, 2025 Exploit Author: ABABANK REDTEAM Vendor Homepage: https://compassplustechnologies.com/ Version:...

6.6AI score
Exploits0
Exploit DB
Exploit DBadded 2025/03/22 12:0 a.m.282 views

Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change (Unauthenticated)

Exploit Title: Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change Unauthenticated Date: 2025-02-26 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://www.aztech.com Version: DSL5005EN Tested on: Linux CVE: N/A import requests import argparse print''' aztech DSL5005EN...

7.4AI score
Exploits0
Rows per page
Query Builder