4507 matches found
EUVD-2025-210271
picklescan before 0.0.27 contains a parsing logic error in the listglobals function when handling STACKGLOBAL opcodes, failing to track arguments in the correct range and allowing malicious pickle files to bypass detection. Attackers can craft pickle files with arguments at position zero to trigg...
OsTicket < 1.14.3 - Server Side Request Forgery
SSRF vulnerability exists in osTicket before 1.14.3, allowing an attacker to add malicious files to the server or perform port scanning. id: CVE-2020-24881 info: name: OsTicket 1.14.3 - Server Side Request Forgery author: hnd3884 severity: critical description: | SSRF vulnerability exists in...
SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery
SAP BusinessObjects Business Intelligence Platform Web Services 410, 420, and 430 is susceptible to blind server-side request forgery. An attacker can inject arbitrary values as CMS parameters to perform lookups on the internal network, which is otherwise not accessible externally. On successful...
VulnAnalyzer
VulnAnalyzer 2.1 A comprehensive automated vulnerability...
exploit-scripts
Offensive Security Toolkit...
CVE-2026-50887
A Server-Side Request Forgery (SSRF) in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl...
PT-2026-49328
A Server-Side Request Forgery (SSRF) in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl...
PT-2026-49329
An authenticated Server-Side Request Forgery (SSRF) in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attackers to scan internal resources via supplying a crafted URL...
CVE-2026-50886
Incorrect access control in the webhook management component of Project Firefly III v6.5.9 allows attackers to scan internal resources via a crafted POST request...
CVE-2026-50888
An authenticated Server-Side Request Forgery (SSRF) in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attackers to scan internal resources via supplying a crafted URL...
OffSploit
OffSploit: Autonomous Exploit Adaptation & C2 Framework...
AutoVAPT
kiro-cybersecurity-skills
CyberSecurity Skills A collection of 15 security workflows co...
CVE-2025-7005
Uncontrolled recursion vulnerability in Avast Antivirus when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for vir...
CVE-2025-7011 Avast antivirus heap OOB when scanning a malformed zip file
Heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file containing XML may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus ...
ember
Ember AI systems burn brightly but hide their secrets. Em...
Exploit_sin_monitos_v3_4_3
Exploitsinmonitosv343 Escaner l...
-Web-Attack-Detection-Lab
Web-Attack-Detection-Lab