
9 matches found

Positive Technologies
added 2026/05/06 12:0 a.m. · 6 views

PT-2026-38264

Name of the Vulnerable Software and Affected Versions: DevSpace versions prior to 6.3.21 Description: The UI server WebSocket accepts connections from all origins by default, exposing several endpoints. A malicious website visited by a developer using a browser can establish a cross-origin WebSocke...

CVSS 7.7 · AI score 5.9 · EPSS 0.00005
Exploits: 0 · References: 4
GithubExploit
added 2026/01/19 9:20 p.m. · 300 views

Exploit for CVE-2026-22812

CVE-2026-22812 Overview A Python exploitation tool for Ope...

CVSS 8.8 · AI score 6.1 · EPSS 0.05324
Exploits: 7
OSV
added 2026/01/13 8:35 p.m. · 2 views

GHSA-VXW4-WV6M-9HHH OpenCode's Unauthenticated HTTP Server Allows Arbitrary Command Execution

Previously reported via email to [email protected] on 2025-11-17 per the security policy in opencode-sdk-js/SECURITY.md. No response received. Summary OpenCode automatically starts an unauthenticated HTTP server that allows any local process—or any website via permissive CORS—to execute arbitrary...

CVSS 8.8 · AI score 7.6 · EPSS 0.05324
Exploits: 7 · References: 4
NVD
added 2025/10/22 3:16 p.m. · 2 views

CVE-2025-60331

D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the FillMacCloneMac parameter in the /EXCUSHELL endpoint. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...

CVSS 7.5 · EPSS 0.00066
Exploits: 1 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2020-29667

Malware in sbrugna...

CVSS 5.4 · AI score 5.4 · EPSS 0.02307
Exploits: 0 · References: 3
RedhatCVE
added 2025/09/12 12:20 a.m. · 5 views

CVE-2025-56413

OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint...

CVSS 8.8 · AI score 8.2 · EPSS 0.00348
Exploits: 0 · References: 1
Positive Technologies
added 2025/09/10 12:0 a.m. · 4 views

PT-2025-37052

Name of the Vulnerable Software and Affected Versions: 1panel version 2.0.8 Description: An OS Command injection issue exists in the OperateSSH function within 1panel. Attackers can execute arbitrary commands by manipulating the operation parameter of the /api/v2/hosts/ssh/operate API endpoint...

CVSS 8.8 · AI score 7.4 · EPSS 0.00348
Exploits: 0 · References: 7
Positive Technologies
added 2023/02/27 12:0 a.m. · 4 views

PT-2023-3551 · D Link · D-Link Dir-823G

Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version 1.02B05 Description: The issue is related to an OS command injection vulnerability. It allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to the EXCU SHELL endpoint...

CVSS 9.8 · AI score 8.8 · EPSS 0.63549
Exploits: 1 · References: 8
OSV
added 2020/11/08 2:14 p.m. · 8 views

MGASA-2020-0400 Updated webmin package fixes security vulnerabilities

An XSS Vulnerability exists in Webmin 1.941 and earlier affecting the Cluster Shell Commands Endpoint. A user may enter any XSS Payload into the Command field and execute it. Then, after revisiting the Cluster Shell Commands Menu, the XSS Payload will be rendered and executed. CVE-2020-8820 An...

CVSS 6.1 · AI score 5.5 · EPSS 0.02307
Exploits: 0 · References: 4