253 matches found
SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery
SAP BusinessObjects Business Intelligence Platform Web Services 410, 420, and 430 is susceptible to blind server-side request forgery. An attacker can inject arbitrary values as CMS parameters to perform lookups on the internal network, which is otherwise not accessible externally. On successful...
[SECURITY] Fedora 43 Update: nmap-7.92-8.fc43
Nmap is a utility for network exploration or security auditing. It supports ping scanning determine which hosts are up, many port scanning techniques determine what services the hosts are offering, and TCP/IP fingerprinting remote host operating system identification. Nmap also offers flexible ta...
[SECURITY] Fedora 44 Update: nmap-7.92-11.fc44
Nmap is a utility for network exploration or security auditing. It supports ping scanning determine which hosts are up, many port scanning techniques determine what services the hosts are offering, and TCP/IP fingerprinting remote host operating system identification. Nmap also offers flexible ta...
MAL-2026-6722 Malicious code in date-fns-lite (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4694a079d83e33dcee7f87140c41737009d9f0b19f351c23f2ae3dbce9a47a51 [email protected] presents as a lightweight date-formatting utility but ships a malicious postinstall.js that runs automatically on npm install. T...
CVE-2026-56771
NewsBlur before version 14.5.0 contains a server-side request forgery vulnerability in the addurl endpoint that allows authenticated users to make arbitrary server requests to internal networks by failing to filter private IP addresses. Attackers can exploit this to access localhost services and...
exploit-scripts
Offensive Security Toolkit ╔═════════════════════════════...
OffSploit
OffSploit: Autonomous Exploit Adaptation & C2 Framework !Py...
ember
🔥 Ember AI systems burn brightly but hide their secrets. Em...
Penetration-Testing-Exploitation-of-Vulnerable-Linux-Systems
Penetration-Testing-Exploitation-of-Vulnerable-Linux-Systems K...
Exploit for CVE-2007-2447
🛡️ Metasploitable2 Vulnerability Assessment Author: Jaden Julius...
Eternalblue-ms17-010-lab
01-EternalBlue-MS17-010-README.mdhttps://github.com/user-atta...
Vulnerability-Scanner-using-Ollama-3-
Vulnerability Scanning & Exploitation Toolkit A Python-based...
Nextcloud News app 代码问题漏洞
The Nextcloud News app is an RSS/Atom news aggregator developed by Nextcloud as open source. Versions of the Nextcloud News app prior to 28.3.0-beta.1 contained code vulnerabilities. These vulnerabilities stemmed from the lack of verification of the feed URL provided by users, which could lead to...
RayVentory Scan Engine 安全漏洞
RayVentory Scan Engine is a network scanning engine developed by the German company RayVentory, designed for automatically discovering and collecting IT asset information. Versions of RayVentory Scan Engine 12.6 Update 8 and earlier contain security vulnerabilities. These vulnerabilities allow...
CVE-2026-40500
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. The "Add Module from URL" feature requires superuser privileges root-equivalent in ProcessWire who already has unrestricted arbitrary code execution via standard module upload, making the SSRF vector incapable of providing...
CVE-2026-40500
...
CVE-2026-40500
Summary: Multiple sources describe a server-side request forgery (SSRF) in ProcessWire CMS prior to 3.0.256 via the admin panel’s “Add Module From URL” feature. The vulnerability permits an authenticated administrator to supply arbitrary URLs to the module-download parameter, triggering outbound ...
CVE-2026-4682
Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices WSD scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network scanning protocol that allo...
PT-2026-32517
EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Attachment/fromImageUrl endpoint is vulnerable to Server-Side Request Forgery SSRF via a DNS rebinding TOCTOU condition. Host validation uses dns get record but the actual HTTP...
Exploit for OS Command Injection in Vsftpd_Project Vsftpd
🧨 Metasploitable 2 Penetration Testing Lab 📅 Duration 2026...