
354484 matches found

GithubExploit
added 17 minutes ago, 1 view

Exploit for OS Command Injection in Devcode Openstamanager

CVE-2025-69212 --- Description OpenSTAManager is a manag...

9.4 CVSS, 0.01755 EPSS
Exploits: 10

NVD
added 1 hour ago, 3 views

CVE-2026-54074

Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching the marker "TINAINTERNAL:::.?:::" inside the stringified...

7.8 CVSS, 0.00082 EPSS
Exploits: 0, References: 1

GithubExploit
added 1 hour ago, 5 views

linux-privesc

🐧 Linux Privilege Escalation Toolkit Automated enumeration...

Exploits: 0

GithubExploit
added 1 hour ago, 3 views

SQLi-PoC

SQLi-PoC — CW... flag extractor A self-contained, sqlma...

Exploits: 0

OSSF Malicious Packages
added 1 hour ago, 4 views

Malicious code in test-pkg-yarn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40b74339843ee482f3f135dd43e855f1f30758e20857333e0e6153748888769a package.json declares bin: "node": "./shim.js" , causing npm/yarn to symlink node in nodemodules/.bin and in a system bin dir on global install to a...

Exploits: 0, References: 3

Cvelist
added 1 hour ago, 3 views

CVE-2026-54074 @tinacms/cli: Remote Code Execution via Forestry migration — unsanitised __TINA_INTERNAL__ marker in user-controlled YAML labels

Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching the marker "TINAINTERNAL:::.?:::" inside the stringified...

7.8 CVSS, 0.00082 EPSS
Exploits: 0, References: 1

CVE
added 1 hour ago, 12 views

CVE-2026-54074

Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching the marker "TINAINTERNAL:::.?:::" inside the stringified...

7.8 CVSS, 0.00082 EPSS
Exploits: 0, References: 1

OSSF Malicious Packages
added 1 hour ago, 4 views

Malicious code in test-pkg-x0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d0014944456f668a25fa484bf7cb5f36a7128d6a585b86d9294d8d49b23049a Package declares scripts.postinstall pointing at shim.js, a script that runs unconditionally on npm install. shim.js branches on uname -s...

Exploits: 0, References: 5

EUVD
added 1 hour ago, 9 views

EUVD-2026-38009

Rancher vulnerable to command injection through unsanitized YAML parameter...

9.4 CVSS, 6 AI score, 0.01113 EPSS
Exploits: 0, References: 3

GithubExploit
added 1 hour ago, 7 views

unified-bb-suite

Unified BB Suite — Combined Workflow Two work...

Exploits: 0

NVD
added 2 hours ago, 2 views

CVE-2026-58457

Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 contains an unauthenticated OS command injection vulnerability that allows network-adjacent attackers to execute arbitrary shell commands by injecting unsanitized input through the smacfilterconf handler in the commuos web backend. Attackers...

9.8 CVSS
Exploits: 0, References: 3

NVD
added 2 hours ago, 2 views

CVE-2026-54908

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Versions prior to 3.1.4 are vulnerable to Remote Denial of Service via panic while parsing a crafted ECDHEPSK ServerKeyExchange message. This issue has been fixed in version 3.1.4...

6.3 CVSS
Exploits: 0, References: 2

NVD
added 2 hours ago, 3 views

CVE-2026-14363

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows SQL Injection. This issue affects Mediawiki - Cargo Extension: from before 1.43.9,1.44.6,1.45.4...

6.9 CVSS
Exploits: 0, References: 3

GithubExploit
added 2 hours ago, 7 views

Exploit for Unrestricted Upload of File with Dangerous Type in Devcode Openstamanager

OpenSTAManager RCE Exploit CVE-2026-38751 Overview This...

7.2 CVSS, 6.6 AI score, 0.00372 EPSS
Exploits: 4

RedHat Linux
added 2 hours ago, 3 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...

6.6 CVSS, 0.00501 EPSS
Exploits: 0, References: 7

RedHat Linux
added 2 hours ago, 3 views

vim: arbitrary command execution via modeline sandbox bypass

A flaw was found in Vim. A modeline is used to set specific editor options directly from a text file. However, the complete, guitabtooltip, printheader options and the mapset function lack proper security checks, allowing an attacker to bypass restrictions and cause arbitrary OS command execution...

8.2 CVSS, 0.0047 EPSS
Exploits: 0, References: 8

RedHat Linux
added 2 hours ago, 2 views

vim: command injection when decompressing .tgz archives

A flaw was found in Vim. When decompressing .tgz archives, the Vimuntar function builds shell commands using shellescape without the special flag. This allows a specially crafted archive filename to trigger Vim cmdline-special expansion and execute arbitrary commands in the context of the current...

7 CVSS, 0.00552 EPSS
Exploits: 0, References: 7

RedHat Linux
added 2 hours ago, 3 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

8.2 CVSS, 0.00552 EPSS
Exploits: 0, References: 5

GithubExploit
added 2 hours ago, 15 views

Exploit for OS Command Injection in Devcode Openstamanager

CVE-2025-69212 - OpenSTAManager OS Command Injection PoC U...

9.4 CVSS, 6 AI score, 0.01755 EPSS
Exploits: 10

The Hacker News
added 2 hours ago, 5 views

Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters

Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the component's internal network port. Synacktiv, which found the bug, says it can lead to a full cluster...

5.9 AI score
Exploits: 0