Lucene search
K

52 matches found

Nuclei
Nuclei
added 2026/06/16 7:13 a.m.656 views

Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution

Laravel version 8.4.2 and before with Ignition before 2.5.2 allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel before 8.4.2. id: CVE-2021-3129 info: name:...

9.8CVSS8.6AI score0.99943EPSS
Exploits36References5
Veracode
Veracode
added 2026/05/14 11:7 a.m.12 views

Authorization Bypass

github.com/juju/juju is vulnerable to Authorization Bypass. The vulnerability is due to insufficient authorization checks in the Controller facade CloudSpec API method, which allows a low-privileged authenticated attacker to access sensitive cloud credentials...

9.9CVSS5.8AI score0.00445EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/04/10 9:0 p.m.4 views

EUVD-2026-21364

Juju: CloudSpec method leaking cloud credentials...

9.9CVSS5.8AI score0.00445EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.5 views

PT-2025-54381

Cross-Site Request Forgery CSRF vulnerability in Manidoraisamy FormFacade allows Cross Site Request Forgery.This issue affects FormFacade: from n/a through 1.4.1...

4.3CVSS6.9AI score0.00098EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-26837

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.00107EPSS
Exploits0References2
CNVD
CNVD
added 2025/09/08 12:0 a.m.5 views

Google Android elevation of privilege vulnerability (CNVD-2025-30723)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to unauthorized data access caused by SQL injection in multiple functions in PickerDbFacade.java. An attacker can exploit the vulnerability to elevate...

7.8CVSS8.2AI score0.00107EPSS
Exploits0References1
Gitee
Gitee
added 2025/09/06 5:5 p.m.265 views

defusedxml

This is a Python library called defusedxml, which is designed to prevent XML bomb denial of service DoS vulnerabilities. The library provides a facade for the standard library's xml.etree.ElementTree module, which is vulnerable to XML bombs. The defusedxml library defuses XML bombs by preventing...

7.1AI score
Exploits0
CVE
CVE
added 2025/09/04 6:33 p.m.27 views

CVE-2025-32327

CVE-2025-32327 affects Google Android via SQL injection in multiple functions of PickerDbFacade.java, enabling unauthorized data access and local elevation of privilege with no user interaction. Impact and exploit details are stated in multiple sources (NVD, Red Hat, CNVD, OSV). Root cause is an ...

7.8CVSS6.9AI score0.00107EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 9:22 a.m.6 views

CVE-2024-35526

An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access sensitive information in the /facade directory...

5.9CVSS5.9AI score0.00221EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/07/29 12:0 a.m.19 views

Facade Ignition < 2.5.2 Remote Code Execution

Facade Ignition is a customizable error page for Laravel applications running on Laravel 5.5 up to Laravel 8. It is the default error page for all Laravel 6 applications. Facade Ignition versions prior to 2.5.2 is is affected by a vulnerability allowing an unauthenticated attacker to obtain Remot...

9.8CVSS8AI score0.99943EPSS
Exploits36References3
NVD
NVD
added 2024/06/25 9:15 p.m.11 views

CVE-2024-35526

An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access sensitive information in the /facade directory...

5.9CVSS0.00221EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/25 12:0 a.m.5 views

PT-2024-26526 · Unknown · Farcry Core

Name of the Vulnerable Software and Affected Versions: FarCry Core framework versions prior to 7.2.14 Description: The issue allows attackers to access sensitive information in the "/facade" directory. Recommendations: For versions prior to 7.2.14, update to version 7.2.14 or later to resolve the...

5.9CVSS6.8AI score0.00221EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/25 12:0 a.m.3 views

FarCry Core Framework Security Vulnerability

FarCry Core Framework is a ColdFusion language web application framework open-sourced by FarCry Core. A security vulnerability exists in FarCry Core Framework versions prior to 7.2.14 that stems from allowing access to sensitive information in the /facade directory...

5.9CVSS6.4AI score0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/25 12:0 a.m.19 views

CVE-2024-35526

An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access sensitive information in the /facade directory...

0.00221EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.23 views

Facade Ignition < 1.16.14 / 2.x < 2.4.2 / 2.5.x < 2.5.2 RCE

The version of Facade Ignition installed of the remote host is prior to 1.16.14, or 2.x prior to 2.4.2, or 2.5.x prior to 2.5.2. It is, therefore, affected by a remote code execution vulnerability. Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attacke...

9.8CVSS9.2AI score0.99943EPSS
Exploits36References2
Fedora
Fedora
added 2024/03/07 10:33 p.m.21 views

[SECURITY] Fedora 40 Update: xstream-1.4.20-6.fc40

XStream is a simple library to serialize objects to XML and back again. A high level facade is supplied that simplifies common use cases. Custom objects can be serialized without need for specifying mappings. Speed and low memory footprint are a crucial part of the design, making it suitable for...

8.8CVSS6.6AI score0.02557EPSS
Exploits3
GithubExploit
GithubExploit
added 2024/01/15 7:12 a.m.464 views

Exploit for CVE-2021-3129

CVE-2021-3129 Instructions: Note: A PHP environment is...

9.8CVSS7.2AI score0.99943EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/22 2:25 p.m.365 views

Exploit for CVE-2021-3129

Mass Scanner for CVE-...

9.8CVSS9.7AI score0.99943EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/10/22 2:25 p.m.327 views

Exploit for CVE-2021-3129

Mass Scanner for CVE-...

9.8CVSS9.7AI score0.99943EPSS
Exploits36
GithubExploit
GithubExploit
added 2023/07/27 12:14 p.m.512 views

Exploit for CVE-2021-3129

CVE-2021-3129 Mass Scan Tools For Laravel = V8.4.2 Debug Mode...

9.8CVSS9.9AI score0.99943EPSS
Exploits36
Rows per page
Query Builder