Lucene search
K

836078 matches found

GithubExploit
GithubExploit
added 49 minutes ago3 views

goby-poc-collection

Goby POC Collection Convert Goby vulnerability scan tools’...

9.8CVSS0.7842EPSS
Exploits6
GithubExploit
GithubExploit
added 57 minutes ago3 views

--POC

Goby POC Collection Convert Goby vulnerability scan tools’...

9.8CVSS0.84631EPSS
Exploits25
Fedora
Fedora
added 1 hour ago2 views

[SECURITY] Fedora 44 Update: log4cxx-1.7.0-2.fc44

Log4cxx is a popular logging package written in C++. One of its distinctive features is the notion of inheritance in loggers. Using a logger hierarchy it is possible to control which log statements are output at arbitrary granularity. This helps reduce the volume of logged output and minimize the...

6.3CVSS6.2AI score0.00499EPSS
Exploits0
Fedora
Fedora
added 1 hour ago3 views

[SECURITY] Fedora 43 Update: upower-1.91.3-2.fc43

UPower formerly DeviceKit-power provides a daemon, API and command line tools for managing power devices attached to the system...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added 2 hours ago13 views

wordpress-ocr-internal-pentest

─── Internal Web Application & OCR Service ─── 🛡️ A...

6.3AI score
Exploits0
GithubExploit
GithubExploit
added yesterday15 views

Exploit for CVE-2026-13768

CVE-2026-13768 - Gardyn IoT Hub Owner Key Exposure !WARNIN...

10CVSS6.5AI score0.00559EPSS
Exploits2
GithubExploit
GithubExploit
added yesterday14 views

Exploit for OS Command Injection in Webmin

요약 Webmin은 Unix 시스템에서 사용되는 웹 기반 시스템 관리 도구이다. 해당 관리 도구의 기능 중...

10CVSS7.2AI score0.99766EPSS
Exploits38
GithubExploit
GithubExploit
added yesterday20 views

Exploit for Command Injection in Microsoft

DevTools Helper — Malicious Extension PoC CVE-2025-55319 Pr...

9.8CVSS7AI score0.00849EPSS
Exploits1
The Hacker News
The Hacker News
added yesterday7 views

Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

The jscrambler npm package was compromised, and simply installing its 8.14.0 release runs an infostealer on your machine. Published on July 11, 2026, the malicious version carries a preinstall hook that drops and executes a native binary, one build each for Windows, macOS, and Linux. Socket flagg...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added yesterday7 views

Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns

Cybersecurity researchers have disclosed details of sustained cyber espionage activity against several Pakistani law enforcement organizations undertaken by suspected China- and India-aligned threat actors between February 2024 and April 2026. "At Balochistan Police, the compromised assets includ...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added yesterday33 views

Exploit for Deserialization of Untrusted Data in Apache Camel

Permissive Default ObjectInputFilter — DNS Side-Channel Reprod...

8.1CVSS6.1AI score0.00546EPSS
Exploits1
GithubExploit
GithubExploit
added yesterday28 views

pantest-containers

Pentest Containers Uruchamianie Ten projekt buduje narzęd...

6.1AI score
Exploits0
NVD
NVD
added yesterday6 views

CVE-2026-61448

Parse Server is affected by a stored cross-site scripting XSS vulnerability in versions = 9.0.0, 9.10.0-alpha.2 and = 8.6.83. When an uploaded file's extension is not recognized by the mime package, Parse Server preserves the client-supplied Content-Type. A malformed Content-Type that is not a...

2.1CVSS
Exploits0References2
GithubExploit
GithubExploit
added yesterday33 views

Exploit for CVE-2026-14894

CVE-2026-14894 — Super Forms ≤ 6.3.313...

9.8CVSS6.6AI score0.00523EPSS
Exploits1
GithubExploit
GithubExploit
added yesterday30 views

Exploit for CVE-2026-0740

CVE-2026-0740 — Mass-Target Exploit Engine Author: 0xNuts...

9.8CVSS7.1AI score0.54254EPSS
Exploits7
EUVD
EUVD
added yesterday8 views

EUVD-2026-43183

Parse Server is affected by a stored cross-site scripting XSS vulnerability in versions = 9.0.0, 9.10.0-alpha.2 and = 8.6.83. When an uploaded file's extension is not recognized by the mime package, Parse Server preserves the client-supplied Content-Type. A malformed Content-Type that is not a...

2.1CVSS6AI score
Exploits0References2
CVE
CVE
added yesterday10 views

CVE-2026-61448

Parse Server is affected by a stored XSS in versions 9.0.0–9.9.9 (excluding 9.10.0-alpha.2) and 8.6.0x up to 8.6.83. When a file with an unrecognized extension is uploaded, the client-supplied Content-Type is kept. A malformed Content-Type (not valid type/subtype) can bypass fileUpload.fileExtens...

2.1CVSS6AI score
Exploits0References2
Cvelist
Cvelist
added yesterday10 views

CVE-2026-61448 Parse Server 9.0.0 Stored XSS via malformed Content-Type

Parse Server is affected by a stored cross-site scripting XSS vulnerability in versions = 9.0.0, 9.10.0-alpha.2 and = 8.6.83. When an uploaded file's extension is not recognized by the mime package, Parse Server preserves the client-supplied Content-Type. A malformed Content-Type that is not a...

2.1CVSS
Exploits0References2
GithubExploit
GithubExploit
added yesterday28 views

Exploit for Code Injection in Ejs

CVE-2022-29078 | EJS SSTI → RCE 화이트햇 스쿨 4기 32반 - 우상범 @t...

9.8CVSS6.7AI score0.32386EPSS
Exploits6
GithubExploit
GithubExploit
added yesterday31 views

tetragon-lab

How it works This poc use copyfail exploit to overwrite page-...

7.8CVSS7AI score0.96267EPSS
Exploits230
Rows per page
Query Builder