Lucene search
K

4852 matches found

Nuclei
Nuclei
added yesterday54 views

EspoCRM <= 9.3.3 - Server-Side Request Forgery

EspoCRM = 9.3.3 contains an authenticated server-side request forgery caused by improper internal-host validation using alternative IPv4 formats in HostCheck::isNotInternalHost, letting authenticated users access internal resources via /api/v1/Attachment/fromImageUrl endpoint. id: CVE-2026-33534...

4.3CVSS6.1AI score0.01978EPSS
Exploits5References2
Circl
Circl
added 2 days ago5 views

CVE-2023-43364

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:16+00:00| seen| https://t.me/GithubRedTeam/91214 2026-07-14 00:00:33+00:00| seen| https://t.me/GithubRedTeam/91214...

9.8CVSS7AI score0.02565EPSS
Exploits3References1
NVD
NVD
added 2 days ago5 views

CVE-2026-12385

The Smart Slider 3 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.1.37 via the 'keyword' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to extract titles and full content...

4.3CVSS0.00242EPSS
Exploits0References7
CVE
CVE
added 2 days ago10 views

CVE-2026-15535

The CVE concerns AkariAsai self-rag’s retrieval_lm component. Affected code: file retrieval_lm/src/index.py, function Indexer.deserialize_from, where manipulating the argument index_meta.faiss can trigger deserialization. This may be exploitable remotely; public exploit details exist. No specific...

6.5CVSS6.4AI score0.00247EPSS
Exploits0References7
Circl
Circl
added 3 days ago4 views

CVE-2019-0824

creationtimestamp| type| source ---|---|--- 2026-07-12 22:00:13+00:00| seen| https://t.me/securixykz/495 2026-07-13 00:00:37+00:00| seen| https://t.me/securixykz/495 2026-07-14 00:00:55+00:00| seen| https://t.me/securixykz/495...

7.8CVSS7AI score0.10551EPSS
Exploits0References1
Metasploit
Metasploit
added 5 days ago22 views

FTP Fetch, Windows Disable Windows ICF, Command Shell, Bind TCP Inline

Fetch and execute an x86 payload from an FTP server. Disable the Windows ICF, then listen for a connection and spawn a command shell Module Options msf use payload/cmd/windows/ftp/x86/shellbindtcpxpfw msf payloadshellbindtcpxpfw show actions ...actions... msf payloadshellbindtcpxpfw set ACTION ms...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago18 views

FTP Fetch, Bind TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an FTP server. Listen for a connection No NX Module Options msf use payload/cmd/windows/ftp/x86/patchupdllinject/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp show options ...show and se...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago20 views

FTP Fetch, Windows x86 Pingback, Bind TCP Inline

Fetch and execute an x86 payload from an FTP server. Open a socket and report UUID when a connection is received Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/pingbackbindtcp msf payloadpingbackbindtcp show actions ...actions... msf payloadpingbackbindtcp set ACTION msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago28 views

FTP Fetch, Windows Upload/Execute, Reverse TCP Stager

Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/upexec/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago13 views

FTP Fetch, Reverse TCP Stager (IPv6)

Fetch and execute a x86 payload from an FTP server. Connect back to attacker over IPv6 Module Options msf use payload/cmd/linux/ftp/x86/meterpreter/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options ...sh...

6.2AI score
Exploits0
Fedora
Fedora
added 5 days ago7 views

[SECURITY] Fedora 44 Update: c-ares-1.34.7-1.fc44

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

5.9AI score
Exploits0
Circl
Circl
added 6 days ago10 views

CVE-2026-58304

creationtimestamp| type| source ---|---|--- 2026-07-09 11:59:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq7lgyakfq26...

6.1CVSS5.9AI score0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added last week5 views

CVE-2026-8650

Relative path traversal vulnerability in Progress MOVEit Transfer Admin Settings module. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...

4.5CVSS5.9AI score0.00365EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added last week6 views

EUVD-2026-42370

Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3...

6.4CVSS5.9AI score0.00258EPSS
Exploits0References1
Circl
Circl
added last week8 views

CVE-2026-11903

creationtimestamp| type| source ---|---|--- 2026-07-08 17:37:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq5nvsx5n62g 2026-07-08 20:15:14+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/progress-security-advisory-av26-678 2026-07-09 11:30:31+00:00| seen|...

8CVSS5.9AI score0.00275EPSS
Exploits0References3
NVD
NVD
added last week7 views

CVE-2026-49145

App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include...

7.5CVSS0.00329EPSS
Exploits0References2
CVE
CVE
added last week23 views

CVE-2026-49145

CVE-2026-49145 affects App::Ack for Perl up to version 3.10.0. The flaw arises because ack searches upward for a project .ackrc and loads its options; the project-source blocklist did not include --files-from, allowing a project .ackrc to set --files-from to a path whose listed files ack will rea...

7.5CVSS6AI score0.00329EPSS
Exploits0References2
EUVD
EUVD
added last week4 views

EUVD-2026-42288

App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include...

7.5CVSS6AI score0.00329EPSS
Exploits0References1
Cvelist
Cvelist
added last week36 views

CVE-2026-49145 App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc

App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include...

0.00329EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added last week9 views

CVE-2026-49145

App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include...

7.5CVSS6AI score0.00329EPSS
Exploits0
Rows per page
Query Builder