Lucene search
K

1654 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-45697

Malicious code in bioql PyPI...

5.9CVSS6AI score0.00419EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1524

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.01354EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2025/08/17 10:4 p.m.294 views

Exploit for CVE-2025-54253

CVE-2025-54253 Adobe AEM OGNL Injection Simulated PoC Lab !...

10CVSS8.9AI score0.87515EPSS
Exploits7
GithubExploit
GithubExploit
added 2025/08/13 4:58 p.m.364 views

Exploit for Command Injection in Microsoft

💥 CVE-2025-53773 — Remote Code Execution in GitHub Copilot 💥...

7.8CVSS8.2AI score0.02559EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/08/10 6:56 a.m.133 views

Exploit for Incorrect Authorization in Sudo_Project Sudo

sudo CVE-2025 Toolkit Unified scanner, benign proof-of-...

9.3CVSS7AI score0.47467EPSS
Exploits77
GithubExploit
GithubExploit
added 2025/08/09 1:18 p.m.219 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

Sudo CVE-2025-32463 — PoC !GitHub last commithttps://img.s...

9.3CVSS7.6AI score0.47467EPSS
Exploits70
The Hacker News
The Hacker News
added 2025/08/06 4:49 a.m.7 views

CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added three old security flaws impacting D-Link Wi-Fi cameras and video recorders to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation in the wild. The high-severity vulnerabilities,...

9CVSS8.1AI score0.97901EPSS
Exploits5
Github Security Blog
Github Security Blog
added 2025/07/31 2:2 p.m.13 views

MS SWIFT Remote Code Execution via unsafe PyYAML deserialization

Description A Remote Code Execution RCE vulnerability exists in the modelscope/ms-swift project due to unsafe use of yaml.load in combination with vulnerable versions of the PyYAML library ≤ 5.3.1. The issue resides in the tests/run.py script, where a user-supplied YAML configuration file is...

9.8CVSS7.9AI score0.02494EPSS
Exploits1References9Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/28 9:14 p.m.7 views

CVE-2025-8194

A flaw was found in the Python tarfile module. Processing a specially crafted tar archive, specifically an archive with negative offsets, can cause an infinite loop and deadlock. This issue results in a denial of service in the Python application using the tarfile module. Mitigation This flaw can...

7.5CVSS6.1AI score0.00611EPSS
Exploits0References6
HackRead
HackRead
added 2025/07/28 6:35 p.m.8 views

Scattered Spider Launching Ransomware on Hijacked VMware Systems, Google

A new report from Google's GTIG reveals how UNC3944 0ktapus uses social engineering to compromise Active Directory, then exploits VMware vSphere for data theft and direct ransomware deployment. Understand their tactics and learn vital mitigation steps...

7.3AI score
Exploits0
GithubExploit
GithubExploit
added 2025/07/22 2:24 p.m.624 views

Exploit for CVE-2025-34085

📌 CVE-2025-34085 — Simple File List WordPress Plugin RCE 📌...

9.8CVSS7.6AI score0.12633EPSS
Exploits10
GithubExploit
GithubExploit
added 2025/07/16 9:2 p.m.343 views

Exploit for CVE-2025-22870

CVE-2025-22870 – Proxy Bypass via IPv6 Zone Parsing in Go 🔐...

4.4CVSS7.1AI score0.00384EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/07/16 9:23 a.m.372 views

Exploit for Code Injection in Craftcms Craft_Cms

🧨 CVE-2025-32432 – Craft CMS Pre-auth RCE 🧨 🕵️ Overview...

10CVSS10AI score0.99803EPSS
Exploits14
CVE
CVE
added 2025/07/15 7:27 p.m.75 views

CVE-2025-50063

CVE-2025-50063 (Oracle Java SE Install component) is documented to affect Oracle Java SE 8u451. The vulnerability can be exploited by a low-privileged user with logon access to the infrastructure where Java SE runs, and successful exploitation requires user interaction. It can lead to takeover of...

7.3CVSS6.9AI score0.00245EPSS
Exploits0References1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/14 10:27 a.m.15 views

Security Bulletin: IBM Jazz for Service Management is vulnerable to cross-site scripting via searchWord parameter.

Summary IBM Jazz for Service Management is vulnerable to cross-site scripting, allowing malicious scripts to be executed via the searchWord parameter on the static help page CVE-2024-52892. Vulnerability Details CVEID:CVE-2024-52892 DESCRIPTION: IBM Jazz for Service Management is vulnerable to...

6.1CVSS6AI score0.00248EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/07/09 10:40 p.m.30 views

GHSA-QF34-QPR4-5PPH docusaurus-plugin-content-gists vulnerability exposes GitHub Personal Access Token

GitHub Personal Access Token Exposure in docusaurus-plugin-content-gists Summary docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing GitHub Personal Access Tokens in production build artifacts when passed through plugin configuration options. The token, intended for...

10CVSS6.1AI score0.01842EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/07/09 10:40 p.m.19 views

docusaurus-plugin-content-gists vulnerability exposes GitHub Personal Access Token

GitHub Personal Access Token Exposure in docusaurus-plugin-content-gists Summary docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing GitHub Personal Access Tokens in production build artifacts when passed through plugin configuration options. The token, intended for...

10CVSS7.1AI score0.01842EPSS
Exploits0References4Affected Software1
GithubExploit
GithubExploit
added 2025/07/09 9:34 p.m.853 views

Exploit for CVE-2025-32023

CVE-2025-32023 - Redis Remote Code Execution RCE 🚨 🧠 Ove...

7CVSS8.2AI score0.03877EPSS
Exploits4
Cvelist
Cvelist
added 2025/07/09 3:16 p.m.8 views

CVE-2025-7381 Exposure of sensitive PHP information to an unauthorized control sphere in mautic/mautic images

ImpactThis is an information disclosure vulnerability originating from PHP's base image. This vulnerability exposes the PHP version through an X-Powered-By header, which attackers could exploit to fingerprint the server and identify potential weaknesses. WorkaroundsThe mitigation requires changin...

5.3CVSS0.00237EPSS
Exploits0References1
CVE
CVE
added 2025/07/09 3:16 p.m.20 views

CVE-2025-7381

CVE-2025-7381 affects Mautic-related Docker images and the PHP base image: an information-disclosure flaw where the X-Powered-By header reveals the PHP version, enabling server fingerprinting. Root cause is PHP’s expose_php behavior; attack surface is the header exposure rather than code executio...

5.3CVSS6.2AI score0.00237EPSS
Exploits0References1
Rows per page
Query Builder