Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

51 matches found

Metasploit
Metasploitadded 5 days ago101 views

Quectel Cellular Modem Pivot (Serial AT)

Opens a serial connection to a Quectel cellular modem and registers it as a 'modem' session capable of network pivoting. The Quectel modems have a limited number of sockets available, configurable using MODEMSOCKETS. Once the session is established, it can be routed through using the route comman...

5.9AI score
Exploits0
GithubExploit
GithubExploitadded 2026/06/03 12:2 a.m.73 views

eCPPT-Penetration-Testing-Reports

eCPPT Penetration Testing Reports Penetration testing lab rep...

9.8CVSS7.3AI score0.94618EPSS
Exploits7
Packet Storm News
Packet Storm Newsadded 2026/05/15 12:0 a.m.9 views

Rosemary 1.1.0

Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...

5.8AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/04/24 12:0 a.m.4 views

Rosemary 1.0.4

Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...

5.2AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/04/23 12:0 a.m.7 views

Rosemary 1.0.3

Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...

5.8AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/04/22 12:0 a.m.5 views

Rosemary 1.0.2

Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...

5.8AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/04/21 12:0 a.m.4 views

Rosemary 1.0.1

Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...

5.8AI score
Exploits0
GithubExploit
GithubExploitadded 2026/04/11 5:8 p.m.77 views

infosec-notebook

infosec-notebook Personal cybersecurity notes and references...

5.8AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/04/07 5:3 p.m.3 views

CVE-2026-33510

Homarr is an open-source dashboard. Prior to 1.57.0, a DOM-based Cross-Site Scripting XSS vulnerability has been discovered in Homarr's /auth/login page. The application improperly trusts a URL parameter callbackUrl, which is passed to redirect and router.push. An attacker can craft a malicious...

8.8CVSS5.9AI score0.00234EPSS
Exploits1References1
EUVD
EUVDadded 2026/04/06 2:51 p.m.3 views

EUVD-2026-19287

Homarr is an open-source dashboard. Prior to 1.57.0, a DOM-based Cross-Site Scripting XSS vulnerability has been discovered in Homarr's /auth/login page. The application improperly trusts a URL parameter callbackUrl, which is passed to redirect and router.push. An attacker can craft a malicious...

8.8CVSS5.9AI score0.00234EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/03/26 3:1 p.m.3 views

CVE-2026-32720

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...

7.1CVSS5.8AI score0.00262EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2026/03/16 8:45 p.m.7 views

Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace

Impact Due to a mis-written NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. In the specific case of...

9.9CVSS5.8AI score0.00284EPSS
Exploits0References5Affected Software2
GithubExploit
GithubExploitadded 2026/03/02 9:20 a.m.136 views

Offensive-Security-KnowledgeBase

Offensive-Security-KnowledgeBase Str...

5.9AI score
Exploits0
GithubExploit
GithubExploitadded 2026/01/29 7:32 p.m.193 views

Pentest-Lab-Waf-Bypass-SoledySecurity

Pentest-Lab-Waf-Bypass-SoledySecurity Hands-on web pentest lab...

5.9AI score
Exploits0
Positive Technologies
Positive Technologiesadded 2026/01/03 12:0 a.m.2 views

PT-2026-1140

Name of the Vulnerable Software and Affected Versions Nuvation Energy nCloud VPN Service versions prior to 2025-12-01 Description A flaw exists in the Nuvation Energy nCloud VPN Service that permitted Network Boundary Bridging. This allowed for lateral client-to-client pivoting with minimal...

9.4CVSS6.6AI score0.0036EPSS
Exploits0References8
RedhatCVE
RedhatCVEadded 2025/12/09 12:11 a.m.2 views

CVE-2025-65363

Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...

7.2CVSS7.2AI score0.05649EPSS
Exploits0References1
NVD
NVDadded 2025/12/08 5:16 p.m.3 views

CVE-2025-65363

Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...

7.2CVSS0.05649EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/12/08 12:0 a.m.2 views

PT-2025-49570

Name of the Vulnerable Software and Affected Versions Ruijie APs versions 11.1.x Description An authenticated user with web access can inject shell commands on Ruijie APs. This allows execution of appended shell expressions as root through the command parameter in the ''web action.do'' endpoint...

7.2CVSS6.6AI score0.05649EPSS
Exploits0References8
Vulnrichment
Vulnrichmentadded 2025/12/08 12:0 a.m.1 views

CVE-2025-65363

Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...

6.8AI score0.05649EPSS
Exploits0References3
EUVD
EUVDadded 2025/12/08 12:0 a.m.5 views

EUVD-2025-201720

Authenticated append-style command-injection Ruijie APs APRGOS 11.1.x allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the webaction.do endpoint...

7.2CVSS6.7AI score0.05649EPSS
Exploits0References4
Rows per page
Query Builder