Lucene search
+L

440577 matches found

GithubExploit
GithubExploit
added 39 minutes ago4 views

Exploit for CVE-2026-63030

wp2shell-scan A scanner and proof-of-concept toolkit for CVE-202...

9.8CVSS7.1AI score
Exploits24
GithubExploit
GithubExploit
added 4 hours ago10 views

Metasploitable2-Penetration-Testing-Lab

Metasploitable 2 Penetration Testing Lab About the Project...

5.7AI score
Exploits0
GithubExploit
GithubExploit
added 4 hours ago13 views

Exploit for CVE-2026-60137

wp2shell Pre-authentication Remote Code Execution against Wor...

9.8CVSS5.8AI score
Exploits24
GithubExploit
GithubExploit
added 4 hours ago6 views

Exploit for CVE-2026-63030

wp2r00t - WordPress REST Batch Route-Confusion SQLi PoC A sel...

9.8CVSS6.4AI score
Exploits24
NVD
NVD
added 6 hours ago5 views

CVE-2024-58364

SurrealDB versions before 1.2.1 contain an uncaught exception handling vulnerability in span rendering when parsing queries with errors on line terminator characters. Authorized clients can submit malformed queries that trigger a panic in the span rendering code, crashing the server and causing...

7.1CVSS
Exploits0References2
NVD
NVD
added 6 hours ago7 views

CVE-2024-58361

SurrealDB versions before 2.0.4 contain an uncaught exception handling vulnerability in the parser error rendering code when processing empty strings. Authorized clients can execute malformed queries with empty string conversions to record, duration, or datetime types that cause a panic in error...

7.1CVSS
Exploits0References2
NVD
NVD
added 7 hours ago5 views

CVE-2026-16158

Impact: @fastify/reply-from versions from 8.3.1 up to but not including 12.6.4 build the internal URL cache key by concatenating the destination and source path without a delimiter. Different destination and source pairs can therefore produce the same key while resolving to different upstream URL...

8.7CVSS
Exploits0References2
Cvelist
Cvelist
added 7 hours ago8 views

CVE-2024-58364 SurrealDB before 1.2.1 Denial of Service via Parsing Error

SurrealDB versions before 1.2.1 contain an uncaught exception handling vulnerability in span rendering when parsing queries with errors on line terminator characters. Authorized clients can submit malformed queries that trigger a panic in the span rendering code, crashing the server and causing...

7.1CVSS
Exploits0References2
CVE
CVE
added 7 hours ago8 views

CVE-2024-58364

CVE-2024-58364 affects SurrealDB before 1.2.1. An uncaught exception in the span rendering path triggers a panic when parsing malformed queries with errors on line terminator characters, leading to server denial of service. Public details in the connected sources indicate the impact is an in-proc...

7.1CVSS5.3AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 7 hours ago4 views

CVE-2024-58364

SurrealDB versions before 1.2.1 contain an uncaught exception handling vulnerability in span rendering when parsing queries with errors on line terminator characters. Authorized clients can submit malformed queries that trigger a panic in the span rendering code, crashing the server and causing...

7.1CVSS5.3AI score
Exploits0References3
EUVD
EUVD
added 7 hours ago4 views

EUVD-2024-55680

SurrealDB versions before 1.2.1 contain an uncaught exception handling vulnerability in span rendering when parsing queries with errors on line terminator characters. Authorized clients can submit malformed queries that trigger a panic in the span rendering code, crashing the server and causing...

7.1CVSS5.3AI score
Exploits0References2
CVE
CVE
added 7 hours ago9 views

CVE-2024-58361

SurrealDB is affected in versions before 2.0.4 by an uncaught exception in the parser error rendering path when processing empty strings. Authorized clients can issue malformed queries that convert empty strings to record, duration, or datetime types, triggering a panic in error rendering and cra...

7.1CVSS5.5AI score
Exploits0References2
Cvelist
Cvelist
added 7 hours ago9 views

CVE-2024-58361 SurrealDB before 2.0.4 Denial of Service via Parser Exception

SurrealDB versions before 2.0.4 contain an uncaught exception handling vulnerability in the parser error rendering code when processing empty strings. Authorized clients can execute malformed queries with empty string conversions to record, duration, or datetime types that cause a panic in error...

7.1CVSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 7 hours ago3 views

CVE-2024-58361

SurrealDB versions before 2.0.4 contain an uncaught exception handling vulnerability in the parser error rendering code when processing empty strings. Authorized clients can execute malformed queries with empty string conversions to record, duration, or datetime types that cause a panic in error...

7.1CVSS5.5AI score
Exploits0References3Affected Software1
EUVD
EUVD
added 7 hours ago5 views

EUVD-2024-55677

SurrealDB versions before 2.0.4 contain an uncaught exception handling vulnerability in the parser error rendering code when processing empty strings. Authorized clients can execute malformed queries with empty string conversions to record, duration, or datetime types that cause a panic in error...

7.1CVSS5.5AI score
Exploits0References2
Cvelist
Cvelist
added 8 hours ago8 views

CVE-2026-16158 @fastify/reply-from vulnerable to cross-upstream request routing via URL cache key collision

Impact: @fastify/reply-from versions from 8.3.1 up to but not including 12.6.4 build the internal URL cache key by concatenating the destination and source path without a delimiter. Different destination and source pairs can therefore produce the same key while resolving to different upstream URL...

8.7CVSS
Exploits0References2
CVE
CVE
added 8 hours ago9 views

CVE-2026-16158

Affected component: @fastify/reply-from. Versions 8.3.1 up to, but not including, 12.6.4 construct an internal URL cache key by concatenating destination and source paths without a delimiter, enabling cross-upstream data access when getUpstream selects an upstream from request data. This can caus...

8.7CVSS5.3AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 8 hours ago3 views

CVE-2026-16158

Impact: @fastify/reply-from versions from 8.3.1 up to but not including 12.6.4 build the internal URL cache key by concatenating the destination and source path without a delimiter. Different destination and source pairs can therefore produce the same key while resolving to different upstream URL...

8.7CVSS5.3AI score
Exploits0References3Affected Software1
EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-45373

Impact: @fastify/reply-from versions from 8.3.1 up to but not including 12.6.4 build the internal URL cache key by concatenating the destination and source path without a delimiter. Different destination and source pairs can therefore produce the same key while resolving to different upstream URL...

8.7CVSS5.3AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 11 hours ago3 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate with watsonx Assistant Cartridge version 5.4.0 Vulnerability Details CVEID:CVE-2026-35469 DESCRIPTION: spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 fram...

9.8CVSS4.5AI score0.06488EPSS
Exploits4Affected Software1
Rows per page
Query Builder