Lucene search
+L

130 matches found

GithubExploit
GithubExploit
added 5 hours ago16 views

Exploit for CVE-2026-60137

Compromise Scanner for wp2shell read-only A standalone, r...

9.8CVSS5.7AI score0.08946EPSS
Exploits36
Cvelist
Cvelist
added 2026/06/23 5:20 p.m.37 views

CVE-2026-49402 Deno: Command Injection via spawnSync & spawn on Windows

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.10, Deno's node:childprocess implementation provided an escapeShellArg helper used when callers passed shell: true to spawn / spawnSync / exec and friends. On Windows, the helper failed to quote arguments that contained cmd.e...

8.1CVSS0.00283EPSS
Exploits1References1
OSV
OSV
added 2026/05/26 4:13 p.m.3 views

CVE-2026-44502 Bugsink: SSRF bypass in `validate_webhook_url`

Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...

4.3CVSS5.9AI score0.00286EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/20 11:23 a.m.10 views

org.keycloak/keycloak-services: Open redirect when using wildcard valid redirect URIs in Keycloak

A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentially leading to the exposure of sensitive information within the domain or facilitating further...

8.1CVSS5.7AI score0.005EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/21 7:11 p.m.6 views

Incorrect Authorization

Overview github.com/oauth2-proxy/oauth2-proxy is a reverse proxy that provides authentication with Google, Github or other providers. Affected versions of this package are vulnerable to Incorrect Authorization in the email domain validation. An attacker can gain unauthorized access by submitting ...

7.6CVSS5.5AI score0.00209EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/21 7:11 p.m.4 views

Incorrect Authorization

Overview github.com/oauth2-proxy/oauth2-proxy/v7 is a reverse proxy that provides authentication with Google, Github or other providers. Affected versions of this package are vulnerable to Incorrect Authorization in the email domain validation. An attacker can gain unauthorized access by submitti...

7.6CVSS5.5AI score0.00209EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.9 views

OpenEMR 安全漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.2 contained security...

6.5CVSS5.8AI score0.00216EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.3 views

CVE-2019-25515

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and...

8.7CVSS5.8AI score0.01089EPSS
Exploits1References2Affected Software1
HackRead
HackRead
added 2026/03/11 9:10 a.m.10 views

Your Data Lake Is Turning Into a Junk Drawer? Here’s How to Clean It Up

Data lakes start organized but can turn into dumping grounds. Learn the signs of data lake clutter and simple steps to clean it up without rebuilding...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/09 12:0 a.m.2 views

RuView: WiFi Signal Analyzer

RuView: WiFi DensePose turns commodity WiFi signals into real-time human pose estimation, vital sign monitoring, and presence detection, all without a single pixel of video...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.9 views

CVE-2021-27408

The affected product is vulnerable to an out-of-bounds read, which can cause information leakage leading to arbitrary code execution if chained to the out-of-bounds write vulnerability on the Welch Allyn medical device management tools Welch Allyn Service Tool: versions prior to v1.10, Welch Ally...

7.5CVSS7.6AI score0.01687EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.4 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename function. The issue arises from an off-by-one error that causes out-of-bounds memory access when...

9.8CVSS5.8AI score0.00617EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-19773

Malware in sbrugna...

5.3CVSS5.5AI score0.00433EPSS
Exploits0References2
Veracode
Veracode
added 2025/09/19 1:6 p.m.10 views

Heap Buffer Overflow

ImageMagick is vulnerable to heap buffer overflow. The vulnerability is due to an off-by-one error in the InterpretImageFilename function when handling format strings with consecutive percent signs %%, which allows an attacker to trigger out-of-bounds memory access...

9.8CVSS7.3AI score0.00617EPSS
Exploits1References7Affected Software18
OSV
OSV
added 2025/08/25 3:53 p.m.5 views

GHSA-HM4X-R5HC-794F ImageMagick has a Heap Buffer Overflow in InterpretImageFilename

Heap Buffer Overflow in InterpretImageFilename Summary A heap buffer overflow was identified in the InterpretImageFilename function of ImageMagick. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs...

3.7CVSS6.7AI score0.00617EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2025/08/25 3:53 p.m.10 views

ImageMagick has a Heap Buffer Overflow in InterpretImageFilename

Heap Buffer Overflow in InterpretImageFilename Summary A heap buffer overflow was identified in the InterpretImageFilename function of ImageMagick. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs...

9.8CVSS7.9AI score0.00617EPSS
Exploits1References7Affected Software18
Tenable Nessus
Tenable Nessus
added 2025/08/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-53014

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overfl...

9.8CVSS5.3AI score0.00617EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in test-mlw2-picra-signs (npm)

The package test-mlw2-picra-signs was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-35971 Malicious code in test-mlw2-picra-signs (npm)

The package test-mlw2-picra-signs was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/07/25 1:17 p.m.5 views

OESA-2025-1911 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

9.8CVSS7.2AI score0.00792EPSS
Exploits2References4
Rows per page
Query Builder