280 matches found
network-pentest-metasploitable2
Network / System Penetration Test — Metasploitable 2...
Internal-Penetration-Test-Report-Web-Exploitation-Post-Exploitation-Using-Metasploit-
Internal-Penetration-Test-Report-Web-Exploitation-Post-Exploit...
bleak
BLEAK — Bluetooth Link Exploitation & Attack Knowledgebase...
Open WebUI missing authorization check at the model update function - models from other users can be updated
Summary A user can modify another user's model even if its visibility is set to Private. The finding resulted from a penetration test for a customer. It is suspected that the root cause of the issue lies within the core of Open WebUI, which is why it is being reported as a security issue here...
report-anonymizer
🛡️ Report Anonymizer Local LLM anonymizer for penetration-t...
PT-2026-41175
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.5.7 Description An issue exists where a user can modify another user's model regardless of whether its visibility is set to Private. By altering access permissions during the editing process, unauthorized access...
Vuln_Exploitation_MegaQuagga_Pentest
Vulnerability Exploitation — MegaQuagga Penetration Test Repor...
Malicious code in vision-service-python-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 faa725015cfe04b49bbcf9f472d21a77993c7ca9692ad2b0912e9bd3d2554669 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Towards Leveraging LLMs to Generate Abstract Penetration Test Cases from Software Architecture
Software architecture models capture early design decisions that strongly influence system quality attributes, including security. However, architecture-level security assessment and feedback are often absent in practice, allowing security weaknesses to propagate into later phases of the software...
Exploit for CVE-1999-0368
🛡️ Advanced Penetration Testing & System Forensic Audit Mid...
Malicious code in strands-agents-anthropic (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b86e2f5ba17218d5e9377627cc2c437009cc3dc7c6615c87b8317995614288c6 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Faraday 5.19.0
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...
Faraday 5.18.0
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...
EUVD-2025-3092
Malicious code in bioql PyPI...
EUVD-2025-7358
Malicious code in bioql PyPI...
EUVD-2023-25582
Malicious code in bioql PyPI...
EUVD-2025-6021
Malicious code in bioql PyPI...
EUVD-2025-7359
Malicious code in bioql PyPI...
EUVD-2024-52836
Malicious code in bioql PyPI...
EUVD-2024-52821
Malicious code in bioql PyPI...