Lucene search
K

54845 matches found

Packet Storm
Packet Storm
added 2025/12/10 12:0 a.m.155 views

📄 YOURLS 1.8.2 SQL Injection

Proof of concept for a remote SQL injection vulnerability in YOURLS version 1.8.2. ============================================================================================================================================= | Title : YOURLS 1.8.2 SQL Injection & System Compromise in Administrati...

7.4CVSS8.2AI score0.01994EPSS
Exploits5
Drupal
Drupal
added 2025/12/10 12:0 a.m.13 views

Acquia Content Hub - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-125

This module provides a centralized content distribution and syndication solution so thta customers can publish, reuse, and syndicate content across a network of Drupal websites. The module doesn't sufficiently protect export routes from cross-site request forgery CSRF attacks, potentially allowin...

8.1CVSS5.3AI score0.0013EPSS
Exploits0References1
Metasploit
Metasploit
added 2025/12/09 6:55 p.m.303 views

HTTP Fetch, Linux Command Shell, Find Port Inline

Fetch and execute an PPC payload from an HTTP server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/http/ppc/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...show an...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2025/12/09 6:55 p.m.409 views

HTTPS Fetch, Linux Command Shell, Find Port Inline

Fetch and execute an MIPSLE payload from an HTTPS server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/https/ppc/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...sh...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2025/12/09 6:55 p.m.448 views

HTTPS Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an MIPSLE payload from an HTTPS server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/https/ppc/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sh...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2025/12/09 6:55 p.m.672 views

Unauthenticated RCE in React Server Components (React2Shell)

A critical unauthenticated Remote Code Execution RCE vulnerability exists in React Server Components RSC Flight protocol. The vulnerability allows attackers to achieve prototype pollution during deserialization of RSC payloads by sending specially crafted multipart requests with "proto",...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/12/09 6:30 p.m.6 views

EUVD-2025-201848

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...

9.9CVSS6.3AI score0.03895EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-202160

Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox 146...

5.9AI score0.00394EPSS
Exploits0References3
NVD
NVD
added 2025/12/09 4:18 p.m.2 views

CVE-2025-62152

Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through = 269.2...

5.3CVSS0.00214EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.13 views

CVE-2025-42880

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...

9.9CVSS0.03895EPSS
Exploits0References2
OSV
OSV
added 2025/12/09 4:17 p.m.2 views

UBUNTU-CVE-2025-40332

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...

5.7AI score0.00184EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2025/12/09 12:20 p.m.2 views

kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()

A use after free exists in the wifi module of the linux kernel in the function brcmfnetdevstartxmit,thereby leading to damage to system availability and integrity...

7.8CVSS7.4AI score0.0015EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/09 9:33 a.m.21 views

CVE-2025-66325

Permission control vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

6.2CVSS6.9AI score0.00077EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 8:27 a.m.5 views

CVE-2025-66323

Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect availability...

5.5CVSS6.8AI score0.00066EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 8:27 a.m.4 views

CVE-2025-66326

Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect availability...

6.7CVSS6.9AI score0.00059EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 8:27 a.m.3 views

CVE-2025-66327

Race condition vulnerability in the network module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

7.1CVSS6.9AI score0.00057EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 8:27 a.m.4 views

CVE-2025-66328

Multi-thread race condition vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect availability...

8.4CVSS6.8AI score0.0006EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 8:27 a.m.4 views

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

8.4CVSS6.8AI score0.00076EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 4:9 a.m.17 views

CVE-2025-40332

CVE-2025-40332: In the Linux kernel, drm/amdkfd mmap write lock could deadlock when draining a retry fault, because svm_range_restore_pages would unlock mmap_read_lock and return. The fix downgrades the mmap write lock to a read lock during draining retry faults, preventing deadlock and subsequen...

6AI score0.00184EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/09 2:15 a.m.7 views

CVE-2025-42880 Code Injection vulnerability in SAP Solution Manager

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...

9.9CVSS6.4AI score0.03895EPSS
Exploits0References2
Rows per page
Query Builder