50 matches found

GithubExploit
added yesterday | 37 views

eCPPT-Penetration-Testing-Reports

eCPPT Penetration Testing Reports Penetration testing lab rep...

CVSS 9.8 | AI score 7.3 | EPSS 0.93372
Exploits: 7

Packet Storm News
added 2026/05/15 12:0 a.m. | 7 views

Rosemary 1.1.0

Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...

AI score 5.8
Exploits: 0

Packet Storm News
added 2026/04/24 12:0 a.m. | 2 views

Rosemary 1.0.4

Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...

AI score 5.2
Exploits: 0

Packet Storm News
added 2026/04/23 12:0 a.m. | 5 views

Rosemary 1.0.3

Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...

AI score 5.8
Exploits: 0

Packet Storm News
added 2026/04/22 12:0 a.m. | 2 views

Rosemary 1.0.2

Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...

AI score 5.8
Exploits: 0

Packet Storm News
added 2026/04/21 12:0 a.m. | 2 views

Rosemary 1.0.1

Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...

AI score 5.8
Exploits: 0

GithubExploit
added 2026/04/11 5:8 p.m. | 56 views

infosec-notebook

infosec-notebook Personal cybersecurity notes and references...

AI score 5.8
Exploits: 0

RedhatCVE
added 2026/04/07 5:3 p.m. | 1 views

CVE-2026-33510

Homarr is an open-source dashboard. Prior to 1.57.0, a DOM-based Cross-Site Scripting XSS vulnerability has been discovered in Homarr's /auth/login page. The application improperly trusts a URL parameter callbackUrl, which is passed to redirect and router.push. An attacker can craft a malicious...

CVSS 8.8 | AI score 5.9 | EPSS 0.00071
Exploits: 1 | References: 1

EUVD
added 2026/04/06 2:51 p.m. | 1 views

EUVD-2026-19287

Homarr is an open-source dashboard. Prior to 1.57.0, a DOM-based Cross-Site Scripting XSS vulnerability has been discovered in Homarr's /auth/login page. The application improperly trusts a URL parameter callbackUrl, which is passed to redirect and router.push. An attacker can craft a malicious...

CVSS 8.8 | AI score 5.9 | EPSS 0.00071
Exploits: 1 | References: 1

RedhatCVE
added 2026/03/26 3:1 p.m. | 2 views

CVE-2026-32720

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...

CVSS 7.1 | AI score 5.8 | EPSS 0.00061
Exploits: 0 | References: 1

Github Security Blog
added 2026/03/16 8:45 p.m. | 4 views

Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace

Impact Due to a mis-written NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. In the specific case of...

CVSS 9.9 | AI score 5.8 | EPSS 0.00065
Exploits: 0 | References: 5 | Affected Software: 2

GithubExploit
added 2026/03/02 9:20 a.m. | 115 views

Offensive-Security-KnowledgeBase

Offensive-Security-KnowledgeBase Str...

AI score 5.9
Exploits: 0

GithubExploit
added 2026/01/29 7:32 p.m. | 172 views

Pentest-Lab-Waf-Bypass-SoledySecurity

Pentest-Lab-Waf-Bypass-SoledySecurity Hands-on web pentest lab...

AI score 5.9
Exploits: 0

Positive Technologies
added 2026/01/03 12:0 a.m. | 1 views

PT-2026-1140

Name of the Vulnerable Software and Affected Versions Nuvation Energy nCloud VPN Service versions prior to 2025-12-01 Description A flaw exists in the Nuvation Energy nCloud VPN Service that permitted Network Boundary Bridging. This allowed for lateral client-to-client pivoting with minimal...

CVSS 9.4 | AI score 6.6 | EPSS 0.00082
Exploits: 0 | References: 8

RedhatCVE
added 2025/12/09 12:11 a.m. | 2 views

CVE-2025-65363

Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...

CVSS 7.2 | AI score 7.2 | EPSS 0.00076
Exploits: 0 | References: 1

NVD
added 2025/12/08 5:16 p.m. | 3 views

CVE-2025-65363

Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...

CVSS 7.2 | EPSS 0.00076
Exploits: 0 | References: 3

EUVD
added 2025/12/08 12:0 a.m. | 2 views

EUVD-2025-201720

Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...

CVSS 7.2 | AI score 6.7 | EPSS 0.00076
Exploits: 0 | References: 4

Positive Technologies
added 2025/12/08 12:0 a.m. | 1 views

PT-2025-49570

Name of the Vulnerable Software and Affected Versions Ruijie APs versions 11.1.x Description An authenticated user with web access can inject shell commands on Ruijie APs. This allows execution of appended shell expressions as root through the command parameter in the ''web action.do'' endpoint...

CVSS 7.2 | AI score 6.6 | EPSS 0.00076
Exploits: 0 | References: 8

Vulnrichment
added 2025/12/08 12:0 a.m. | 1 views

CVE-2025-65363

Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...

AI score 6.8 | EPSS 0.00076
Exploits: 0 | References: 3

Packet Storm
added 2025/11/03 12:0 a.m. | 133 views

ClipBucket 5.5.2 Build 90 Server-Side Request Forgery

ClipBucket version 5.5.2 Build 90 suffers from a server-side request forgery vulnerability. Exploit Title: ClipBucket 5.5.2 Build 90 - Server-Side Request Forgery SSRF Google Dork: N/A Date: 2025-09-11 Exploit Author: Mukundsinh Solanki r00td3str0y3r Vendor Homepage: https://clipbucket.com Softwa...

CVSS 6.5 | AI score 7.1 | EPSS 0.02339
Exploits: 4