4532 matches found
CVE-2025-7011 Avast antivirus heap OOB when scanning a malformed zip file
Heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file containing XML may allow Local Execution of Code or Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus ...
ember
๐ฅ Ember AI systems burn brightly but hide their secrets. Em...
Exploit_sin_monitos_v3_4_3
Exploitsinmonitosv343 Escaner l...
-Web-Attack-Detection-Lab
!Kali Linuxhttps://img.shields.io/badge/KaliLinux-557C94?sty...
Web-Attack-Detection-Lab
!Kali Linuxhttps://img.shields.io/badge/KaliLinux-557C94?sty...
PT-2026-49015
Name of the Vulnerable Software and Affected Versions Avast Antivirus versions prior to VPS 25021208 AVG Antivirus versions prior to VPS 25021208 Norton Antivirus versions prior to VPS 25021208 Avast One versions prior to VPS 25021208 Avast Business Antivirus versions prior to VPS 25021208...
PT-2026-49011
Name of the Vulnerable Software and Affected Versions Avast Antivirus versions prior to VPS 25031700 AVG Antivirus versions prior to VPS 25031700 Norton Antivirus versions prior to VPS 25031700 Avast One versions prior to VPS 25031700 Avast Business Antivirus versions prior to VPS 25031700...
PT-2026-49017
Name of the Vulnerable Software and Affected Versions Avira Antivirus versions prior to 8.3.70.56 Description A heap buffer out-of-bounds read occurs in the antivirus engine when scanning a malformed Windows MSI file. This issue may lead to local execution of code or a denial-of-service of the...
CVE-2026-53810
OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points...
CVE-2026-53810 OpenClaw < 2026.5.18 - Arbitrary Code Execution via Unscanned Marketplace Runtime Extension Metadata
OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points...
CVE-2026-47170
Garlic-Hub is affected by a CVE-2026-47170 SSRF in the uploadFromUrl endpoint. Prior to version 1.1 , authenticated users could cause the server to issue arbitrary HTTP requests to internal services, enabling internal port scanning, service fingerprinting, and retrieval of internal HTTP responses...
EUVD-2026-36288
Garlic-Hub manages digital signage network โ devices, content, and playlists โ from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the server to issue arbitrary HTTP requests to internal services via the uploadFromUrl endpoint. This allows internal port...
CVE-2026-47170 Garlic-Hub: SSRF vulnerability in uploadFromUrl endpoint
Garlic-Hub manages digital signage network โ devices, content, and playlists โ from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the server to issue arbitrary HTTP requests to internal services via the uploadFromUrl endpoint. This allows internal port...
Making secret scanning more trustworthy: Reducing false positives at scale
Secret scanning plays a critical role in protecting developers and organizations. It helps catch exposed credentials early and prevents small mistakes from turning into real incidents. At GitHub's scale, even small inefficiencies create real friction. Too many false positives make alerts harder t...
PT-2026-48709
Garlic-Hub manages digital signage network โ devices, content, and playlists โ from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the server to issue arbitrary HTTP requests to internal services via the uploadFromUrl endpoint. This allows internal port...
FortiSandbox Exposure Scanner
This Metasploit auxiliary scanner module performs passive exposure assessment of FortiSandbox deployments by identifying platform fingerprints, collecting publicly accessible version metadata, and evaluating API exposure levels without using exploit functionality. The module validates whether a...
Garlic-Hub ไปฃ็ ้ฎ้ขๆผๆด
Garlic-Hub is an open-source digital signage network device and content management tool developed by GarlicSignage. Versions of Garlic-Hub prior to 1.1 contained code vulnerabilities. These vulnerabilities stemmed from the uploadFromUrl endpoint, which allowed authenticated users to make arbitrar...
China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance
Cybersecurity researchers have warned of a "resurgence and expansion" of JDY , a covert network associated with China-nexus state-sponsored threat actors. "The JDY botnet comprises over 1,500 SOHO small office and home office and IoT devices and operates as a centrally controlled, high-performanc...
Web_Vulnerability_Assessment
๐ธ๏ธ Week 03 โ Web Vulnerability Assessment & Exploitation In...
bugbounty-toolkit
๐ฏ Bug Bounty Recon Toolkit Automated recon toolkit for author...