93486 matches found
deep-pentest-skill
Deep Pentest Skill !License: MIThttps://img.shields.io/bad...
Exploit for CVE-2026-60137
wp2shell-lab Educational PoC and lab for CVE-2026-63030 + C...
Exploit for Missing Release of Memory after Effective Lifetime in Linux Linux_Kernel
android-selinux-disabler Standalone extraction of the SELinux...
Exploit for Missing Release of Memory after Effective Lifetime in Linux Linux_Kernel
badepoll-selinux-disabler Standalone extraction of the SELinu...
Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
log4shell-scanner A dependency-free, defensive scanner for...
Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl_Firmware
HIKRAVEN 🛡️ Advanced Hikvision Security Assessmen...
Exploit for OS Command Injection in Zoneminder
CVE-2023-26039 Description ZoneMinder is a free, open sou...
CVE-2026-54335
Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the .mergetarget, source utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keyssource. When source was produced by...
Malicious code in trongridme (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0388d3aee1f1a4d5c6a27ab1c30e0cb6c8b9679708bd8b1cf3f5c5e76624f77 Source: kam193 04117292d543eae5a1d22c78d8a4507cc196c8770c9fb0a09ae2f9a10a8009d4 Package appears to be designed for private key exfiltration, but no known...
MAL-2026-10771 Malicious code in trongridme (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0388d3aee1f1a4d5c6a27ab1c30e0cb6c8b9679708bd8b1cf3f5c5e76624f77 Source: kam193 04117292d543eae5a1d22c78d8a4507cc196c8770c9fb0a09ae2f9a10a8009d4 Package appears to be designed for private key exfiltration, but no known...
CVE-2026-54242
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...
CVE-2026-54244
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.74.0 and 6.20.3, the Live Preview endpoint for existing entries and terms in src/Http/Controllers/CP/PreviewController.php only checked view authorization, but it accepts and renders caller-supplied field values. A...
CVE-2026-54243
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...
EUVD-2026-45337
Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the .mergetarget, source utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keyssource. When source was produced by...
CVE-2026-54335
Feathersjs contains a prototype-pollution vulnerability in the lodash-like merge helper: @feathersjs/commons .merge. In versions up to 5.0.44, merging a source object that originates from JSON.parse and contains proto , constructor, or prototype keys causes the merge to access target['proto '], m...
CVE-2026-54335
Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the .mergetarget, source utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keyssource. When source was produced by...
CVE-2026-54335 Feathersjs: Prototype pollution in @feathersjs/commons _.merge via JSON-parsed __proto__
Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the .mergetarget, source utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keyssource. When source was produced by...
Security Bulletin:Multiple security vulnerabilities in IBM Process Automation Manager Open Edition Starter Kit for Banking
Summary In addition to many updates of operating system level packages, Multiple vulnerabilities were addressed in IBM Process Automation Manager Open Edition Starter Kit for Banking -9.4.2 Vulnerability Details CVEID:CVE-2026-13676 DESCRIPTION: fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fai...
CVE-2026-54243
CVE-2026-54243 affects Statamic CMS (Laravel/Git-powered). Prior to 5.73.24 and 6.20.1, form submission values exported to CSV via CsvExporter.php were not neutralized for spreadsheet formula characters. A value starting with =, +, -, or @ could be interpreted as a live formula when an editor ope...
EUVD-2026-45321
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...