Lucene search
K

23 matches found

EUVD
EUVD
added 2026/06/11 6:38 p.m.10 views

EUVD-2026-36288

Garlic-Hub manages digital signage network — devices, content, and playlists — from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the server to issue arbitrary HTTP requests to internal services via the uploadFromUrl endpoint. This allows internal port...

7.7CVSS5.5AI score0.00209EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.18 views

PT-2026-48709

Garlic-Hub manages digital signage network — devices, content, and playlists — from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the server to issue arbitrary HTTP requests to internal services via the uploadFromUrl endpoint. This allows internal port...

7.7CVSS5.5AI score0.00209EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/06/10 4:8 p.m.15 views

China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance

Cybersecurity researchers have warned of a "resurgence and expansion" of JDY , a covert network associated with China-nexus state-sponsored threat actors. "The JDY botnet comprises over 1,500 SOHO small office and home office and IoT devices and operates as a centrally controlled, high-performanc...

5.6AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/21 9:58 p.m.126 views

recon2exploit

recon2exploit recon2exploit is a single-file security ass...

5.8AI score
Exploits0
NVD
NVD
added 2026/04/21 5:16 p.m.9 views

CVE-2026-40566

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a Server-Side Request Forgery SSRF vulnerability in the IMAP/SMTP connection test functionality of FreeScout's MailboxesController. Three AJAX actions fetchtest line 731, sendtest line 682, and imapfolder...

4.1CVSS0.00291EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/21 4:4 p.m.8 views

EUVD-2026-24167

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a Server-Side Request Forgery SSRF vulnerability in the IMAP/SMTP connection test functionality of FreeScout's MailboxesController. Three AJAX actions fetchtest line 731, sendtest line 682, and imapfolder...

4.1CVSS5.8AI score0.00291EPSS
Exploits0References3
CVE
CVE
added 2026/04/21 4:4 p.m.13 views

CVE-2026-40566

FreeScout (versions before 1.8.213) contains an SSRF in the IMAP/SMTP connection test flow via MailboxesController. The three AJAX actions fetch_test, send_test, and imap_folders pass admin-configured in_server/in_port and out_server/out_port directly to fsockopen and to IMAP/SMTP clients without...

4.1CVSS5.8AI score0.00291EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.9 views

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.213 contained security vulnerabilities. These vulnerabilities stemmed from the IMAP/SMTP connection testing functionality in t...

4.1CVSS5.9AI score0.00291EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.22 views

PT-2026-34010

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a Server-Side Request Forgery SSRF vulnerability in the IMAP/SMTP connection test functionality of FreeScout's MailboxesController. Three AJAX actions fetch test line 731, send test line 682, and imap...

4.1CVSS5.8AI score0.00291EPSS
Exploits0References4
Snyk
Snyk
added 2026/02/24 3:27 a.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the supi parameter. An attacker can cause internal URL parsing errors and expose system-level error details by injecting control characters, such as %00, into requests. This can be used for service fingerprintin...

8.7CVSS5.9AI score0.00506EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/02/24 12:18 a.m.3 views

CVE-2026-27642

free5gc UDM provides Unified Data Management UDM for free5GC, an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters e.g., %00 into the supi parameter, triggering internal URL parsing errors net/url:...

8.7CVSS5.4AI score0.00506EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/24 12:1 a.m.5 views

CVE-2025-69253 free5GC vulnerable to improper error handling in NEF with information exposure

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of the User Data Repository are affected by Improper Error Handling with Information Exposure. The NEF component reliably leaks internal parsing error details e.g., invalid character '...

8.7CVSS5.4AI score0.00348EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.11 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC UDR 1.4.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the NEF component leaking internal parsing error details, which may facilitate service fingerprint recogniti...

8.7CVSS5.8AI score0.00275EPSS
Exploits1References4
Packet Storm News
Packet Storm News
added 2025/10/03 12:0 a.m.7 views

PentestMCP: A Toolkit for Agentic Penetration Testing

Agentic AI is transforming security by automating many tasks being performed manually. While initial agentic approaches employed a monolithic architecture, the Model-Context-Protocol has now enabled a remote-procedure call RPC paradigm to agentic applications, allowing for the flexible constructi...

6.9AI score
Exploits0
Gitee
Gitee
added 2025/09/13 12:19 a.m.181 views

Vxscan

This is a Python-based comprehensive scanning tool called Vxscan. It is designed to perform various scanning tasks such as sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, S...

8.1AI score
Exploits0
Gitee
Gitee
added 2021/08/10 10:6 a.m.7 views

Vxscan

This is a Python script named Vxscan, which is a comprehensive scanning tool for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...

7.5AI score
Exploits0
Gitee
Gitee
added 2021/06/10 8:46 p.m.4 views

Vxscan

This is a Python-based comprehensive scanning tool called Vxscan. It is designed to perform various types of scans, including sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning...

7.7AI score
Exploits0
Gitee
Gitee
added 2020/11/24 11:3 p.m.4 views

Vxscan

This is a Python script for a comprehensive scanning tool called Vxscan. The tool is designed to perform various scans on a target, including sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password...

7.8AI score
Exploits0
Gitee
Gitee
added 2020/07/28 10:29 a.m.3 views

Vxscan

This is a Python script for a comprehensive scanning tool called Vxscan. The tool is designed to perform various types of scans, including sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection,...

7.4AI score
Exploits0
Gitee
Gitee
added 2020/06/02 8:52 p.m.3 views

Vxscan

This is a Python script for a comprehensive scanning tool called Vxscan. The tool is designed to perform various types of scans, including sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection,...

7.4AI score
Exploits0
Rows per page
Query Builder