Lucene search
K

733225 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.13 views

RHEL 9 : .NET 8.0 (RHSA-2026:28011)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28011 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

7.5CVSS7.1AI score0.0243EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2023 : aspnetcore-runtime-8.0, aspnetcore-runtime-dbg-8.0, aspnetcore-targeting-pack-8.0 (ALAS2023-2026-1869)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1869 advisory. Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 Improper link resolution before file access 'link following' in .NET allows an...

7.8CVSS5.8AI score0.0243EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

RHEL 10 : .NET 9.0 (RHSA-2026:28009)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28009 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

7.5CVSS6AI score0.0243EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2026/06/22 12:0 a.m.42 views

📄 Sprecher Automation SPRECON-E-C/-E-P/-E-T3 Missing Secure-Boot / Static Passwords

Sprecher Automation SPRECON-E-C/-E-P/-E-T3 leaks the firmware signing private key, is missing a secure-boot mechanism, has unencrypted flash memory, use of static passwords, and hard-coded vendor accounts. SEC Consult Vulnerability Lab Security Advisory...

9.8CVSS5.8AI score0.00851EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/06/22 12:0 a.m.41 views

📄 Worksnaps.net Worksnaps Hardcoded Root Cloud Credentials

Silver Leaf Technologies - Worksnaps.net Worksnaps suffers from a hardcoded credential vulnerability. Several application binaries contained hardcoded credentials, such as AWS access keys and S3 bucket names, which granted access to the production environment. Those hardcoded AWS cloud credential...

9.3CVSS5.9AI score0.00388EPSS
Exploits1
Packet Storm
Packet Storm
added 2026/06/22 12:0 a.m.42 views

📄 PHP 8.5.7 mb_substr() Underflow

PHP version 8.5.7 suffers an underflow condition that can be exploited to trigger a denial of service condition. PHP 8.5.7 mbsubstr 'SJIS-mac' sizet underflow Author: Khashayar Fereidani Disclosure Date: 2026-06-18 Advisory: https://fereidani.com/php-857-mbsubstr-sjis-mac-sizet-underflow Contact:...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

SUSE SLES15 Security Update : kubernetes-old (SUSE-SU-2026:2460-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2460-1 advisory. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265747. -...

8.7CVSS5.9AI score0.00781EPSS
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 4:21 p.m.9 views

Malicious code in hyperpure-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47dd43b980c7b5e3230ee57e6974d40804e54997ed88877ced301402dbcdef4c Package impersonates a Zomato internal namespace name hyperpure-core, repository URL pointing to github.com/zomato/hyperpure-core while shipping a...

6AI score
Exploits0References1
OSV
OSV
added 2026/06/21 4:21 p.m.10 views

MAL-2026-6250 Malicious code in hyperpure-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47dd43b980c7b5e3230ee57e6974d40804e54997ed88877ced301402dbcdef4c Package impersonates a Zomato internal namespace name hyperpure-core, repository URL pointing to github.com/zomato/hyperpure-core while shipping a...

6AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/21 4:16 p.m.67 views

create-poc-template-skills

create-poc-template 中文 A skill for AI coding...

10CVSS5.9AI score0.99766EPSS
Exploits37
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 4:11 p.m.8 views

Malicious code in zomato-sushi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f631d7af366bbb607f9088550a64939e395d0ce1199777828269de5772d860c package.json declares a preinstall script that runs curl with form-encoded fields carrying the installer's hostname hostname -f, whoami, current...

6AI score
Exploits0References1
OSV
OSV
added 2026/06/21 4:11 p.m.10 views

MAL-2026-6254 Malicious code in zomato-sushi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f631d7af366bbb607f9088550a64939e395d0ce1199777828269de5772d860c package.json declares a preinstall script that runs curl with form-encoded fields carrying the installer's hostname hostname -f, whoami, current...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 4:11 p.m.8 views

Malicious code in zomato-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dccb8b8b32337c2a257a763c273e03367ec07c904b5db0c07dbf514d546709d On npm install, the package's preinstall lifecycle script in package.json runs curl to POST the installer's hostname, current user whoami, working...

6AI score
Exploits0References1
OSV
OSV
added 2026/06/21 4:11 p.m.7 views

MAL-2026-6252 Malicious code in zomato-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dccb8b8b32337c2a257a763c273e03367ec07c904b5db0c07dbf514d546709d On npm install, the package's preinstall lifecycle script in package.json runs curl to POST the installer's hostname, current user whoami, working...

6AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/21 2:31 p.m.55 views

Exploit for Infinite Loop in Pypdf_Project Pypdf

CVE-2026-24688 - pypdf - Circular Reference DoS Vulnerability...

5.1CVSS5.9AI score0.00388EPSS
Exploits2
GithubExploit
GithubExploit
added 2026/06/21 2:31 p.m.66 views

Exploit for Improper Input Validation in N8N

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenti...

10CVSS7.9AI score0.97875EPSS
Exploits40
GithubExploit
GithubExploit
added 2026/06/21 2:30 p.m.44 views

Exploit for Eval Injection in Xwiki

CVE-2025-24893 - XWiki Unauthenticated RCE Exploit POC ⚠️ U...

9.8CVSS7.7AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2026/06/21 2:14 p.m.40 views

elevate-kit

elevate-kit Local privilege escalation enumeration scripts fo...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 1:38 p.m.9 views

Malicious code in jsonschema-viewer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3692022b4caf5ac51d868aaae58e793520ac3bd36703841eb615942baf85bb87 The package's only function — main in src/jsonschemaviewer/main.py, registered as the jsonschema-viewer console script — invokes os.system to fetch a...

6.2AI score
Exploits0References3
OSV
OSV
added 2026/06/21 1:38 p.m.5 views

MAL-2026-6248 Malicious code in jsonschema-viewer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3692022b4caf5ac51d868aaae58e793520ac3bd36703841eb615942baf85bb87 The package's only function — main in src/jsonschemaviewer/main.py, registered as the jsonschema-viewer console script — invokes os.system to fetch a...

6.2AI score
Exploits0References3
Rows per page
Query Builder