86012 matches found
Exploit for Missing Release of Memory after Effective Lifetime in Linux Linux_Kernel
android-selinux-disabler Standalone extraction of the SELinux...
Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
log4shell-scanner A dependency-free, defensive scanner for...
Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl_Firmware
HIKRAVEN 🛡️ Advanced Hikvision Security Assessmen...
Exploit for OS Command Injection in Zoneminder
CVE-2023-26039 Description ZoneMinder is a free, open sou...
Malicious code in trongridme (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 04117292d543eae5a1d22c78d8a4507cc196c8770c9fb0a09ae2f9a10a8009d4 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2026-10771 Malicious code in trongridme (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0388d3aee1f1a4d5c6a27ab1c30e0cb6c8b9679708bd8b1cf3f5c5e76624f77 Source: kam193 04117292d543eae5a1d22c78d8a4507cc196c8770c9fb0a09ae2f9a10a8009d4 Package appears to be designed for private key exfiltration, but no known...
CVE-2026-54242
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...
CVE-2026-54244
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.74.0 and 6.20.3, the Live Preview endpoint for existing entries and terms in src/Http/Controllers/CP/PreviewController.php only checked view authorization, but it accepts and renders caller-supplied field values. A...
CVE-2026-54243
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...
CVE-2026-54243 Statamic: CSV formula injection in form submission exports
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...
CVE-2026-54243
CVE-2026-54243 affects Statamic CMS (Laravel/Git-powered). Prior to 5.73.24 and 6.20.1, form submission values exported to CSV via CsvExporter.php were not neutralized for spreadsheet formula characters. A value starting with =, +, -, or @ could be interpreted as a live formula when an editor ope...
EUVD-2026-45321
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...
CVE-2026-54243
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...
CVE-2026-54242
Statamic CMS contains a vulnerability in the Glide image proxy (DNS rebinding) that bypasses URL validation. In affected versions prior to 5.73.24 and 6.20.1, the RemoteUrlValidator and GuzzleAdapter could allow an attacker controlling a DNS hostname to rebind to an internal address after initial...
CVE-2026-54242 Statamic: Server-Side Request Forgery via Glide (DNS rebinding)
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...
EUVD-2026-45320
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...
CVE-2026-54242
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...
CVE-2026-54244 Statamic: Incorrect authorization lets view-only users submit Live Preview content reserved for editors
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.74.0 and 6.20.3, the Live Preview endpoint for existing entries and terms in src/Http/Controllers/CP/PreviewController.php only checked view authorization, but it accepts and renders caller-supplied field values. A...
CVE-2026-54244
Statamic CMS suffers an Incorrect Authorization issue in the Live Preview feature. Before versions 5.74.0 and 6.20.3, the Live Preview endpoint in src/Http/Controllers/CP/PreviewController.php only checked view permissions and could render caller-supplied field values. A Control Panel user with v...
EUVD-2026-45319
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.74.0 and 6.20.3, the Live Preview endpoint for existing entries and terms in src/Http/Controllers/CP/PreviewController.php only checked view authorization, but it accepts and renders caller-supplied field values. A...