Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

274334 matches found

Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.128 views

📄 Starlink DNS Rebinding

This python script implements a DNS rebinding attack targeting Starlink infrastructure CVE-2023-52235. ================================================================================================================================== | Title : Starlink DNS Rebinding Exploit | | Author : indoushka...

8.8CVSS5.8AI score0.00528EPSS
Exploits2
Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.139 views

📄 Starlink DNS Rebinding

This Metasploit auxiliary module implements a DNS rebinding attack targeting Starlink infrastructure CVE-2023-52235. The module operates by running a malicious DNS server that dynamically switches responses from a public IP to internal network targets, enabling access to internal services. It als...

8.8CVSS5.8AI score0.00528EPSS
Exploits2
Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.118 views

📄 OpenEMR 8.0.0 Authenticated SQL Injection

OpenEMR version 8.0.0 authenticated remote SQL injection exploit that leverages the name parameter in ajax/graphs.php. ====================================================================================================================== | Title : OpenEMR 8.0.0 Authenticated SQL Injection via nam...

8.8CVSS5.9AI score0.00327EPSS
Exploits2
Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.118 views

📄 DSpace 7.6.6-next Cross Site Scripting

The Discovery Search REST API in DSpace version 7.6.6-next suffers from a cross site scripting vulnerability. ============================================================================================================================================= | Title : DSpace 7.6.6-next Discovery API...

5.2AI score
Exploits0
Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.125 views

📄 MailEnable 10.54 Cross Site Scripting

MailEnable versions 10.54 and below suffer from multiple cross site scripting vulnerabilities. --------------------------------------------------------------------------- MailEnable = 10.54 Multiple Reflected Cross-Site Scripting Vulnerabilities...

5.2AI score
Exploits0
Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.98 views

📄 Webb Fontaine Trade Portal Information Disclosure

A security vulnerability was identified in the Webb Fontaine Trade Portal affecting the codification module /trade/help/codification. The issue allows unauthorized users to trigger data export functionality via the /export/excel endpoint without proper validation of session state or user...

5.8AI score
Exploits0
Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.109 views

📄 AVideo Command Injection

The Metasploit exploit module targets a command injection vulnerability in AVideo. This module exploits a base64-encoded command injection flaw in AVideo Encoder's image processing endpoint, turning a simple URL parameter into remote code execution with multiple payload strategies. Versions prior...

6.5AI score
Exploits0
Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.148 views

📄 Cursor IDE MCP Deeplink Remote Code Execution

This Metasploit module exploits the MCP deeplink functionality in Cursor IDE through social engineering. The cursor:// protocol handler can be abused when a user accepts an installation prompt, leading to arbitrary command execution...

8.8CVSS6.2AI score0.07526EPSS
Exploits2
Saint
Saintadded 2026/03/23 12:0 a.m.79 views

Windows Routing and Remote Access Service integer overflow

Added: 03/23/2026 Background The Windows Routing and Remote Access Service supports remote user or site-to-site connectivity by using VPN or dial-up connections. Problem An integer overflow vulnerability in the Windows Routing and Remote Access Service allow command execution when a domain-joined...

8CVSS6.1AI score0.00836EPSS
Exploits3
Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.106 views

📄 Barracuda ESG TAR Filename Command Injection

This Metasploit module exploits CVE-2023-2868, a command injection vulnerability in Barracuda Email Security Gateway ESG appliances. The vulnerability exists in how the ESG processes TAR file attachments - filenames containing shell metacharacters backticks are passed directly to shell commands...

9.8CVSS7.8AI score0.86956EPSS
Exploits3
Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.180 views

📄 Digital Watchdog DVR VMAX / DW-VP / DW-VA Credential Disclosure / Code Execution

Digital Watchdog DVR versions VMAX, DW-VP, and DW-VA suffer from unauthenticated credential disclosure and post-authentication remote code execution vulnerabilities. Exploit Title: Digital Watchdog DVR VMAX/DW-VP/DW-VA unauth credential disclosure and post-auth RCE Date: 2026-01-06 Exploit Author...

6.5AI score
Exploits0
Saint
Saintadded 2026/03/23 12:0 a.m.54 views

Windows Routing and Remote Access Service integer overflow

Added: 03/23/2026 Background The Windows Routing and Remote Access Service supports remote user or site-to-site connectivity by using VPN or dial-up connections. Problem An integer overflow vulnerability in the Windows Routing and Remote Access Service allow command execution when a domain-joined...

8CVSS6AI score0.00836EPSS
Exploits3
GithubExploit
GithubExploitadded 2026/03/22 9:1 p.m.129 views

Exploit for Integer Overflow or Wraparound in Qualcomm Sm7675P_Firmware

CVE-2026-21385 Scanner Languages / Idiomas: Englishen...

7.8CVSS7.5AI score0.01068EPSS
Exploits3
GithubExploit
GithubExploitadded 2026/03/22 8:52 p.m.178 views

Exploit for CVE-2026-24516

CVE-2026-24516-DigitalOcean-RCE Critical Pre-Auth Root RCE CV...

5.9AI score0.02502EPSS
Exploits2
GithubExploit
GithubExploitadded 2026/03/22 6:11 p.m.170 views

Exploit for Cross-site Scripting in Codex-Themes Thegem

TheGem-Theme-Exploit-Chain-One-Click-Full-Compromise-Subscribe...

8.8CVSS7AI score0.01055EPSS
Exploits1
GithubExploit
GithubExploitadded 2026/03/22 4:45 p.m.119 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

🔥 Solar Exploiting Log4j - TryHackMe Walkthrough 📌 Room: S...

10CVSS7.7AI score0.99999EPSS
Exploits346
GithubExploit
GithubExploitadded 2026/03/22 4:30 p.m.116 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

🔥 Solar Exploiting Log4j - TryHackMe Walkthrough 📌 Room: S...

10CVSS7.7AI score0.99999EPSS
Exploits346
GithubExploit
GithubExploitadded 2026/03/22 2:35 p.m.120 views

XSS-CSRF

No d...

5.8AI score
Exploits0
GithubExploit
GithubExploitadded 2026/03/22 12:32 p.m.116 views

Exploit for Path Traversal in Apache Http_Server

https://n...

9.8CVSS5.8AI score0.99992EPSS
Exploits148
GithubExploit
GithubExploitadded 2026/03/22 12:17 p.m.137 views

Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access

BeyondTrust CVE-2026-1731 PoC Overview A Python-based sec...

9.9CVSS7.7AI score0.86091EPSS
Exploits11
Rows per page
Query Builder