Lucene search
K

281654 matches found

GithubExploit
GithubExploit
added 1 hour ago6 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

CVE-2025-27591-PoC CVE-2025-27591 PoC — Below Local Privileg...

6.8CVSS6.8AI score0.0036EPSS
Exploits23
EUVD
EUVD
added 1 hour ago4 views

EUVD-2026-44584

Improper Neutralization of Special Elements used in an SQL Command "SQL Injection" in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the ' ...

5.9CVSS6.1AI score
Exploits0References2
EUVD
EUVD
added 1 hour ago5 views

EUVD-2026-44590

An Improper Validation of Integrity Check Value and Improper Certificate Validation in certain ASUS router models allows a remote man-in-the-middleMITM user to make the router download and execute arbitrary command via a spoofed server. Refer to the ' Security Update for ASUS Router Firmware '...

9.5CVSS6.3AI score
Exploits0References2
NVD
NVD
added 2 hours ago4 views

CVE-2026-13385

An Improper Validation of Integrity Check Value and Improper Certificate Validation in certain ASUS router models allows a remote man-in-the-middleMITM user to make the router download and execute arbitrary command via a spoofed server. Refer to the ' Security Update for ASUS Router Firmware '...

9.5CVSS
Exploits0References1
NVD
NVD
added 2 hours ago5 views

CVE-2026-11851

Improper Neutralization of Special Elements used in an SQL Command "SQL Injection" in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the ' ...

5.9CVSS
Exploits0References1
Cvelist
Cvelist
added 3 hours ago5 views

CVE-2026-13385

An Improper Validation of Integrity Check Value and Improper Certificate Validation in certain ASUS router models allows a remote man-in-the-middleMITM user to make the router download and execute arbitrary command via a spoofed server. Refer to the ' Security Update for ASUS Router Firmware '...

9.5CVSS
Exploits0References1
CVE
CVE
added 3 hours ago7 views

CVE-2026-13385

The CVE-2026-13385 entry affects certain ASUS router models. It covers an vulnerability path where an attacker can perform a remote MITM to cause the device to download and execute arbitrary commands via a spoofed server, due to improper validation of the integrity check value and improper certif...

9.5CVSS6.3AI score
Exploits0References1
Cvelist
Cvelist
added 3 hours ago3 views

CVE-2026-11851

Improper Neutralization of Special Elements used in an SQL Command "SQL Injection" in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the ' ...

5.9CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 hours ago3 views

CVE-2026-11851

Improper Neutralization of Special Elements used in an SQL Command "SQL Injection" in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the ' ...

5.9CVSS6.1AI score
Exploits0References2
CVE
CVE
added 3 hours ago3 views

CVE-2026-11851

CVE-2026-11851 is an SQL Injection vulnerability in the web management interface of certain ASUS router models. The root cause is improper neutralization of special elements in SQL commands. It can be exploited by a remote authenticated attacker with high privileges, without user interaction, to ...

5.9CVSS6.1AI score
Exploits0References1
GithubExploit
GithubExploit
added 3 hours ago10 views

vulnlab

vulnlab 🔓 !CI Statushttps://github.com/37Linard/vulnlab/a...

6.2AI score
Exploits0
EUVD
EUVD
added 4 hours ago3 views

EUVD-2025-210472

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip before 1.4.0, in the interaction model command processing logic. When an InvokeCommandRequest is sent to a nonexistent endpoint and cluster e.g., 0x34, the code incorrectly treats the endpoint as valid due to missing...

6.1AI score
Exploits0References4
EUVD
EUVD
added 4 hours ago3 views

EUVD-2025-210469

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip before 1.4.2, specifically within the Level Control cluster's periodic server tick logic. When a MoveToLevel command is sent and immediately followed by a write of OperationMode=2 in the Pump Configuration and Control...

6.1AI score
Exploits0References3
EUVD
EUVD
added 4 hours ago3 views

EUVD-2025-210468

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip 1.3 thru 1.4, specifically within the Level Control cluster's server tick logic emberAfLevelControlClusterServerTickCallback. When a MoveToLevel command is executed and followed by a conflicting write to the OperationMod...

6AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 5 hours ago6 views

PT-2026-58871

Improper Neutralization of Special Elements used in an SQL Command "SQL Injection" in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the ' ...

5.9CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 5 hours ago6 views

PT-2026-58872

An Improper Validation of Integrity Check Value and Improper Certificate Validation in certain ASUS router models allows a remote man-in-the-middleMITM user to make the router download and execute arbitrary command via a spoofed server. Refer to the ' Security Update for ASUS Router Firmware '...

9.5CVSS6.3AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.1.1 Vulnerability Details CVEID:CVE-2026-42342 DESCRIPTION: React Router is a router for React. In versions 7.0.0 through 7.14.x of react-router and versions 2.10.0 through 2.17.4 of @remix-run/server-runtime, certai...

9.1CVSS7AI score0.0048EPSS
Exploits3Affected Software1
NVD
NVD
added yesterday8 views

CVE-2025-56365

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip before 1.4.0, in the interaction model command processing logic. When an InvokeCommandRequest is sent to a nonexistent endpoint and cluster e.g., 0x34, the code incorrectly treats the endpoint as valid due to missing...

Exploits0References3
NVD
NVD
added yesterday7 views

CVE-2025-56362

A reachable assertion vulnerability exists in the Matter SDK connectedhomeip before 1.4.2, specifically within the Level Control cluster's periodic server tick logic. When a MoveToLevel command is sent and immediately followed by a write of OperationMode=2 in the Pump Configuration and Control...

Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM i is Affected By Multiple Vulnerabilities in OpenSSL

Summary OpenSSL for IBM i is vulnerable to out-of-bounds read when parsing a crafted DER-encoded ASN.1 structure with a 2 gigabyte primitive element or when using Cryptographic Message Services CMS password-based decryption and processing a stream-mode KEK cipher CVE-2026-34180, CVE-2026-9076,...

9.1CVSS7.5AI score0.02719EPSS
Exploits0Affected Software5
Rows per page
Query Builder