Lucene search
+L

32283 matches found

githubexploit
githubexploit
added 2026/06/13 5:29 a.m.97 views

AutoVAPT

█████╗ ██╗ ██╗████████╗ ██████╗ ██╗ ██╗ █████╗ ██████╗...

9.3CVSS8AI score0.9923EPSS
Exploits55
redhatcve
redhatcve
added 2026/06/09 2:58 a.m.15 views

CVE-2026-11475

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

6.5CVSS6.4AI score0.00133EPSS
Exploits0References1
nvd
nvd
added 2026/06/08 2:16 a.m.17 views

CVE-2026-11475

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

6.5CVSS0.00133EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/06/08 1:15 a.m.10 views

CVE-2026-11475 Kushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injection

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

6.5CVSS6.4AI score0.00133EPSS
Exploits0References6
attackerkb
attackerkb
added 2026/06/08 1:15 a.m.8 views

CVE-2026-11475

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

6.5CVSS6.4AI score0.00133EPSS
Exploits0References6
cvelist
cvelist
added 2026/06/08 1:15 a.m.46 views

CVE-2026-11475 Kushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injection

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

6.5CVSS0.00133EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/08 12:0 a.m.19 views

PT-2026-47237

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

6.5CVSS6.4AI score0.00133EPSS
Exploits0References7
redhatcve
redhatcve
added 2026/06/05 7:36 p.m.13 views

CVE-2026-41687

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...

4.3CVSS5.4AI score0.00204EPSS
Exploits0References1
githubexploit
githubexploit
added 2026/06/04 7:39 p.m.93 views

exploit-validator

$repo Production-grade offensive security tool for Purpose...

5.8AI score
Exploits0
vulnrichment
vulnrichment
added 2026/05/28 3:44 a.m.14 views

CVE-2026-9793 Keycloak: keycloak: security policy bypass in jwe-encrypted request object processing

A flaw was found in Keycloak. When a JSON Web Encryption JWE encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit unauthorized claims, leadin...

5.9CVSS5.8AI score0.0012EPSS
Exploits0References2
euvd
euvd
added 2026/05/28 3:44 a.m.14 views

EUVD-2026-32707

A flaw was found in Keycloak. When a JSON Web Encryption JWE encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit unauthorized claims, leadin...

5.9CVSS5.8AI score0.0012EPSS
Exploits0References2
redhat
redhat
added 2026/05/27 1:41 p.m.23 views

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.8.7 release.

Red Hat Developer Hub 1.8.7 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

10CVSS5.8AI score0.00808EPSS
Exploits8References32
cnnvd
cnnvd
added 2026/05/25 12:0 a.m.16 views

SourceCodester Student Grades Management System 授权问题漏洞

SourceCodester Student Grades Management System is SourceCodester open source a student grades management system . SourceCodester Student Grades Management System version 1.0 has an authorization issue vulnerability , the vulnerability stems from the operation of the parameter studentid in the fi...

6.5CVSS6.6AI score0.00261EPSS
Exploits0References5
nvd
nvd
added 2026/05/07 3:16 p.m.15 views

CVE-2026-41687

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...

4.3CVSS0.00204EPSS
Exploits0References3
cvelist
cvelist
added 2026/05/07 1:48 p.m.32 views

CVE-2026-41687 Wallos: SSRF CGNAT Bypass in subscription/payments Logo URL — is_cgnat_ip() Not Used in Inline Checks

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...

4.3CVSS0.00204EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/05/07 1:48 p.m.11 views

CVE-2026-41687

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...

4.3CVSS5.7AI score0.00204EPSS
Exploits0References4Affected Software1
euvd
euvd
added 2026/05/07 1:48 p.m.17 views

EUVD-2026-28383

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...

4.3CVSS5.7AI score0.00204EPSS
Exploits0References3
cve
cve
added 2026/05/07 1:48 p.m.15 views

CVE-2026-41687

Wallos vulnerability CVE-2026-41687 affects prior to version 4.8.1. The SSRF protection in endpoints/subscription/add.php and endpoints/payments/add.php relies on inline IP validation that omits CGNAT 100.64.0.0/10. The project’s ssrf_helper.php defines is_cgnat_ip(), but the logo/icon URL fetchi...

4.3CVSS5.7AI score0.00204EPSS
Exploits0References3
hackread
hackread
added 2026/05/05 1:30 p.m.36 views

LuxSci Launches Enterprise-Grade HIPAA-Compliant Email Security for Mid-Sized Healthcare Organizations

Cambridge, MA, 5th May 2026, CyberNewswire...

5.8AI score
Exploits0
cnnvd
cnnvd
added 2026/05/01 12:0 a.m.10 views

Automotive Grade Linux app-framework-binder 安全漏洞

Automotive Grade Linux app-framework-binder is an application framework communication component from Automotive Grade Linux, Inc. A security vulnerability exists in Automotive Grade Linux app-framework-binder version 19.90.0 and earlier, which stems from the existence of elevation of privilege in...

7.8CVSS5.9AI score0.00138EPSS
Exploits0References1
Rows per page
Query Builder