151 matches found
open-notebook security vulnerability
Open-Notebook is a privacy-oriented multi-model AI note-taking tool developed by Luis Novo. Version 1.8.3 of Open-Notebook contains a security vulnerability. This vulnerability stems from a lack of user input validation in the file upload function, which may allow users to access the content of...
EUVD-2025-26906
Malicious code in bioql PyPI...
EUVD-2024-45498
Malicious code in bioql PyPI...
CVE-2025-58871
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS. This issue affects Master Paper Collapse Toggle: from n/a through = 1.1...
luis-reddit-cli (=1.0.0), md-links-larissadepaula (>=0.2.0 <=0.2.1) +1 more potentially affected by unknown CVE via node-fecth (=0.0.1-security)
node-fecth NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on node-fecth and may be impacted: - luis-reddit-cli =1.0.0 - md-links-larissadepaula =0.2.0, =0.0.37, =0.0.40 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27...
CVE-2024-51698 WordPress Master Bar plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Bar master-bar allows Reflected XSS. This issue affects Master Bar: from n/a through <= 1.0...
CVE-2024-51698
CVE-2024-51698 is a Reflected XSS in the WordPress plugin Master Bar (Master Bar) caused by improper input neutralization during web page generation. Affected range is from n/a through 1.0. CVSS 3.1 base metrics: 7.1 (HIGH), attack vector Network, user interaction Required, privileges None, a...
NuGet Package 'Microsoft.Bot.Builder.AI.Luis' Detection
The remote host has a 'Microsoft.Bot.Builder.AI.Luis' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
CVE-2024-35993
A vulnerability was found in the Linux kernel's memory management system, specifically affecting the handling of hugetlb huge page memory. The issue arises from the folio_test_hugetlb function, which can be misled by a concurrent folio split, potentially returning incorrect results for folios that ...
Grafiki - Threat Hunting Tool About Sysmon And Graphs
Grafiki is a Django project about Sysmon and graphs, for the time being. In my opinion EventViewer, Elastic and even Kibana, are not graphic enough. The current threats are complicated and if attackers think in graphs, defenders also must do it. This is a proof of concept, the code was not debugg...
Cobian Reflector 0.9.93 RC1 - (Password) Denial of Service Exploit
Exploit Title: Cobian Reflector 0.9.93 RC1 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://www.cobiansoft.com/ Software Link: https://files.cobiansoft.com/programs/crSetup-0.9.93-RC1.exe Tested Version: 0.9.93 RC1 Vulnerability Type: Denial of Service DoS...
Cobian Reflector 0.9.93 RC1 - 'Password' Denial of Service (PoC)
Exploit Title: Cobian Reflector 0.9.93 RC1 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-02-16 Vendor Homepage: https://www.cobiansoft.com/ Software Link: https://files.cobiansoft.com/programs/crSetup-0.9.93-RC1.exe Tested Version: 0.9.93 RC1 Vulnerability...
Emerson PAC Machine Edition 9.80 Build 8695 Unquoted Service Path
Exploit Title: Emerson PAC Machine Edition 9.80 Build 8695 - 'TrapiServer' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-13 Vendor Homepage: https://www.emerson.com/en-us Software Link : https://www.opertek.com/descargar-software/?prc=326 Tested Version: 9.80 Build 869...
Doldrums - A Flutter/Dart Reverse Engineering Tool
To flutter: to move in quick, irregular motions, to beat rapidly, to be agitated. Doldrums: a period of stagnation. Doldrums is a reverse engineering tool for Flutter apps targeting Android. Concretely, it is a parser and information extractor for the Flutter/Dart Android binary, conventionally...
SUSE: Security Advisory (SUSE-SU-2020:3107-1)
The remote host is missing an update for the...
Realtek Wireless LAN Utility 700.1631 - (Realtek11nSU) Unquoted Service Path Vulnerability
Exploit Title: Realtek Wireless LAN Utility 700.1631 - 'Realtek11nSU' Unquoted Service Path Discovery by: Luis Martinez Vendor Homepage: https://www.realtek.com/en/ Tested Version: 700.1631 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to discover Unquoted...
CMS Made Simple 2.2.14 Shell Upload
!/usr/bin/python3 -- coding: utf-8 -- Exploit Title: CMS Made Simple 2.2.14 - Arbitrary File Upload Authenticated Google Dork: N/A Date: 2020-08-31 Exploit Author: Luis Noriega @nogagmx Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...
Bludit 3.9.12 - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: Bludit 3.9.12 - Directory Traversal Exploit Author: Luis Vacacas Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: = 3.9.12 Tested on: Ubuntu 19.10 CVE : CVE-2019-16113 !/usr/bin/en...
Bludit 3.9.12 - Directory Traversal
Exploit Title: Bludit 3.9.12 - Directory Traversal Date: 2020-06-05 Exploit Author: Luis Vacacas Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: = 3.9.12 Tested on: Ubuntu 19.10 CVE : CVE-2019-16113 !/usr/bin/env python3 -- coding: utf-8 -- import...
Bludit 3.9.12 Directory Traversal
Exploit Title: Bludit 3.9.12 - Directory Traversal Date: 2020-06-05 Exploit Author: Luis Vacacas Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: = 3.9.12 Tested on: Ubuntu 19.10 CVE : CVE-2019-16113 !/usr/bin/env python3 -- coding: utf-8 -- import...