Lucene search
K

815302 matches found

GithubExploit
GithubExploit
added 1 hour ago6 views

ghostlock-ace6t

GhostLock — OnePlus Ace 6T Jailbreak Kernel exploit for OnePl...

7.8CVSS6.2AI score0.00125EPSS
Exploits7
GithubExploit
GithubExploit
added 4 hours ago12 views

Exploit for Deserialization of Untrusted Data in Apache Camel

camel-jms Forged DefaultExchangeHolder Filter-Bypass Reproduce...

9.8CVSS6.2AI score0.00881EPSS
Exploits2
NVD
NVD
added 5 hours ago8 views

CVE-2026-61876

LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing adjacent network attackers to inject HTML markup. Attackers can send a DHCPv6 Client FQDN containing script tags that execute in the administrator's browser when viewing DHCP lease pages...

9.4CVSS
Exploits0References2
GithubExploit
GithubExploit
added 5 hours ago13 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

PoC for the ThemeBleed CVE-2023-38146 exploit Windows 11 Them...

8.8CVSS7AI score0.39491EPSS
Exploits5
Cvelist
Cvelist
added 5 hours ago9 views

CVE-2026-61876 LuCI DHCPv6 Lease Hostname Stored Cross-Site Scripting

LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing adjacent network attackers to inject HTML markup. Attackers can send a DHCPv6 Client FQDN containing script tags that execute in the administrator's browser when viewing DHCP lease pages...

9.4CVSS
Exploits0References2
CVE
CVE
added 5 hours ago7 views

CVE-2026-61876

LuCI DHCPv6 lease hostnames are not properly encoded before rendering in status pages, enabling stored cross-site scripting. An adjacent attacker can deliver a DHCPv6 Client FQDN containing script tags that execute in the administrator’s browser when viewing DHCP lease pages. Affected: LuCI web i...

9.4CVSS6.2AI score
Exploits0References2
EUVD
EUVD
added 5 hours ago6 views

EUVD-2026-43236

LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing adjacent network attackers to inject HTML markup. Attackers can send a DHCPv6 Client FQDN containing script tags that execute in the administrator's browser when viewing DHCP lease pages...

9.4CVSS6.2AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 5 hours ago12 views

The vulnerability of the MmMapIoSpace() function in the ThrottleBlood.sys driver allows a hacker to escalate their privileges, execute arbitrary code, or cause a service failure.

The vulnerability of the MmMapIoSpace function in the ThrottleBlood.sys driver, as part of the ThrottleStop utility, is related to open IOCTLs with insufficient access control. Exploiting this vulnerability could allow an attacker to enhance their privileges, execute arbitrary code, or cause...

7.5CVSS6AI score0.06702EPSS
Exploits8References3Affected Software1
GithubExploit
GithubExploit
added 7 hours ago17 views

Exploit for Deserialization of Untrusted Data in Apache Camel

camel-hazelcast Default-Instance Unsafe Deserialization Reprod...

8.1CVSS6.3AI score0.00804EPSS
Exploits1
GithubExploit
GithubExploit
added 8 hours ago23 views

Exploit for CVE-2026-4631

CVE-2026-4631 — Cockpit Mass Exploit Tool Unauthenticated...

9.8CVSS6.8AI score0.142EPSS
Exploits4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago7 views

Malicious code in solidity-dev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30501f6602a5b5b436ef5d6224ec332fa866c9e8b9da4d0de3bc69de868b1fff soliditydev/init.py contains a large base64-encoded Linux x8664 ELF binary in PAYLOADB64. On import soliditydev, the module decodes the blob, writes ...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 9 hours ago6 views

Malicious code in py-base58 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4ef10f40dc13a645cebdee601417b590c92ab69039dbdf9962c36b36497949b py-base58 2.1.3 masquerades as a pure-Python base58 encoder but on first import of the top-level base58 package decodes a 640KB base64-embedded Linux...

6.1AI score
Exploits0References3
GithubExploit
GithubExploit
added 13 hours ago11 views

Exploit for Out-of-bounds Write in Netapp Bootstrap_Os

glibc 힙 버퍼 오버플로우 취약점CVE-2023-4911 | 항목 | 내용 | |---|---| | C...

7.8CVSS6.8AI score0.81422EPSS
Exploits28
NVD
NVD
added 13 hours ago8 views

CVE-2026-15476

A security vulnerability has been detected in QILING Disk Master 6.0.0.0. The impacted element is an unknown function in the library diskbckp.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack can only be performed from a local environment. The...

5.3CVSS
Exploits0References6
GithubExploit
GithubExploit
added 13 hours ago29 views

Exploit for Improper Authentication in Cisco Catalyst_Sd-Wan_Manager

Executive Summary The CVE-2026-20127 Defensive Companion is a...

10CVSS7.1AI score0.57793EPSS
Exploits10
CVE
CVE
added 13 hours ago11 views

CVE-2026-15476

CVE-2026-15476 affects QILING Disk Master 6.0.0.0 and its Kernel Driver component diskbckp.sys, where an unknown function in that library enables local privilege escalation via improper access controls. The vulnerability is local, with low attack complexity and proof-of-concept exploit maturity r...

5.3CVSS5.8AI score
Exploits0References6
Cvelist
Cvelist
added 13 hours ago10 views

CVE-2026-15476 QILING Disk Master Kernel Driver diskbckp.sys access control

A security vulnerability has been detected in QILING Disk Master 6.0.0.0. The impacted element is an unknown function in the library diskbckp.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack can only be performed from a local environment. The...

5.3CVSS
Exploits0References6
EUVD
EUVD
added 13 hours ago9 views

EUVD-2026-43198

A security vulnerability has been detected in QILING Disk Master 6.0.0.0. The impacted element is an unknown function in the library diskbckp.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack can only be performed from a local environment. The...

5.3CVSS5.7AI score
Exploits0References6
Nuclei
Nuclei
added 14 hours ago10 views

CHAOS 5.0.1 'sendCommandHandler' - Cross-Site Scripting

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component. id: CVE-2024-31839 info: name: CHAOS 5.0.1 'sendCommandHandler' - Cross-Site Scripting author: riteshs4hu severity:...

4.8CVSS6.8AI score0.08104EPSS
Exploits6References2
Nuclei
Nuclei
added 14 hours ago195 views

rConfig 3.9 - SQL Injection

An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter. id: CVE-2020-10220 info: name: rConfig 3.9 - SQL Injection author: ritikchaddha,theamanrawat severity: critical description: | An issue was discovered i...

9.8CVSS7AI score0.99683EPSS
Exploits14References5
Rows per page
Query Builder