Lucene search
+L

253 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28984

Malicious code in bioql PyPI...

7.2CVSS6.4AI score0.00423EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.23 views

EUVD-2024-54700

Malicious code in bioql PyPI...

5.3CVSS9.1AI score0.00858EPSS
Exploits0References6
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-7115

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00525EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6049

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00503EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-15721

Malicious code in bioql PyPI...

6CVSS6.5AI score0.0009EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2025/10/03 12:0 a.m.6 views

PT-2025-40598

Name of the Vulnerable Software and Affected Versions OpenSupports version 4.11.0 Description Two unauthenticated diagnostic endpoints permit arbitrary backend-initiated network connections to a destination specified by an attacker. These endpoints are accessible without authentication due to a...

6.9CVSS6.7AI score0.00281EPSS
Exploits1References7
packetstormnews
packetstormnews
added 2025/10/03 12:0 a.m.7 views

PentestMCP: A Toolkit for Agentic Penetration Testing

Agentic AI is transforming security by automating many tasks being performed manually. While initial agentic approaches employed a monolithic architecture, the Model-Context-Protocol has now enabled a remote-procedure call RPC paradigm to agentic applications, allowing for the flexible constructi...

6.9AI score
Exploits0
githubexploit
githubexploit
added 2025/09/16 3:9 p.m.211 views

SemiAutoPenTestingTool

It is an offensive tool for network exploitation. This repositor...

8.3AI score
Exploits0
githubexploit
githubexploit
added 2025/09/14 9:28 p.m.377 views

Exploit for CVE-2025-12654

AnyDesk Exploit AnyDesk, remote access software, has faced se...

9.8CVSS7.8AI score0.80551EPSS
Exploits9
githubexploit
githubexploit
added 2025/09/06 11:53 a.m.193 views

VulnXploit

VulnScan Pro - Advanced Vulnerability Scanner A professional...

7AI score
Exploits0
gitee
gitee
added 2025/09/06 12:38 a.m.254 views

Exploit for CVE-2017-0143

💬 README中文 • Compile/Install/Run • Parameter Description • How to use • Scenario • POC List • Custom Scan • Best Practices Features - Free one id Multi-target web netcat for reverse shell - What is scan4all: integrated vscan, nuclei, ksubdomain, subfinder, etc., fully automated and intelligent。re...

9.3CVSS8.4AI score0.99693EPSS
Exploits94
githubexploit
githubexploit
added 2025/09/04 11:32 p.m.200 views

EternalBlueExploitation

Eternal Blue Exploitation Description For this project, I expl...

6.8AI score
Exploits0
cvelist
cvelist
added 2025/09/01 3:46 p.m.16 views

CVE-2025-55007 Knowage vulnerable to server-side request forgery

Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, Knowage is vulnerable to server-side request forgery. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact of this...

3.5CVSS0.00176EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/09/01 12:0 a.m.6 views

Knowage 代码问题漏洞

Knowage is an open source suite for modern business analytics on legacy resources and big data systems from Knowage, Italy. A code issue vulnerability exists in Knowage versions prior to 8.1.37 that stems from server-side request forgery and could lead to scanning of the internal network...

5.3CVSS6.8AI score0.00176EPSS
Exploits0References3
nvd
nvd
added 2025/06/25 8:15 a.m.13 views

CVE-2024-51980

An unauthenticated attacker may perform a limited server side request forgery SSRF, forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service HTTP TCP port 80 SOAP request. The...

5.3CVSS0.00858EPSS
Exploits0References10
vulnrichment
vulnrichment
added 2025/06/25 7:22 a.m.6 views

CVE-2024-51980 Unauthenticated Server Side Request Forgery (SSRF) via WS-Addressing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker may perform a limited server side request forgery SSRF, forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service HTTP TCP port 80 SOAP request. The...

5.3CVSS7.3AI score0.00858EPSS
Exploits0References10
cvelist
cvelist
added 2025/06/10 2:33 p.m.57 views

CVE-2024-34711 GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)

GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. By default, GeoServer use...

9.3CVSS0.00262EPSS
Exploits0References2
osv
osv
added 2025/06/10 2:13 p.m.65 views

GHSA-MC43-4FQR-C965 GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)

Summary An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. Attacker can abuse this to scan internal networks and gain information about them then exploit further. Moreover,...

9.3CVSS7.1AI score0.00262EPSS
Exploits0References4
github
github
added 2025/06/10 2:13 p.m.10 views

GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)

Summary An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. Attacker can abuse this to scan internal networks and gain information about them then exploit further. Moreover,...

9.3CVSS9.4AI score0.00262EPSS
Exploits0References4Affected Software2
githubexploit
githubexploit
added 2025/06/05 7:4 a.m.201 views

Exploit for Missing Authorization in Gitlab

CVE-2023-5612 – GitLab SSRF via Webhook URL PoC & Analysis...

5.3CVSS5.6AI score0.04392EPSS
Exploits3
Rows per page
Query Builder