Lucene search
+L

1291 matches found

CVE
CVE
added 2 days ago11 views

CVE-2026-53444

Wekan (open-source Kanban, Meteor-based) prior to v9.32 had missing authorization on OIDC-related Meteor methods (e.g., setCreateOrgFromOidc, setOrgAllFieldsFromOidc, setCreateTeamFromOidc, setTeamAllFieldsFromOidc, boardRoutineOnLogin, groupRoutineOnLogin) in packages/wekan-oidc/oidc_server.js a...

7.6CVSS6.1AI score0.00238EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-60322

Name of the Vulnerable Software and Affected Versions Wekan versions prior to 9.32 Description A Server-Side Request Forgery SSRF exists where webhook integration URLs in models/integrations.js are stored from user input and subsequently fetched by server/notifications/outgoing.js. The process...

6.2CVSS6.1AI score0.00286EPSS
Exploits0References5
Microsoft Security Update
Microsoft Security Update
added 3 days ago4 views

2026-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5099535)

2026-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems KB5099535...

6.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 3 days ago4 views

PT-2026-58090

Name of the Vulnerable Software and Affected Versions Pillow versions prior to 12.3.0 Description Public image coordinate APIs in the Pillow Python imaging library can trigger a native heap out-of-bounds write. This occurs when coordinates near the signed 32-bit integer limits are provided to the...

7.5CVSS6.1AI score0.0039EPSS
Exploits1References8
NVD
NVD
added last week9 views

CVE-2026-55187

Mailpit is an email testing tool and API for developers. Prior to 1.30.2, the remediation shipped for CVE-2026-27808 is incomplete because the tools.IsInternalIP deny-list in internal/tools/net.go relies on Go's standard library classification helpers and does not block IPv6 transition mechanisms...

5.8CVSS0.00282EPSS
Exploits0References3
OSV
OSV
added last week4 views

CVE-2026-57156 FreeRDP: Integer overflow leading to heap buffer overflow in Orders Delta Points parsing

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0 on 32-bit builds, FreeRDP clients contain an integer overflow in updatereaddeltapoints in libfreerdp/core/orders.c when multiplying an attacker-controlled point count by sizeofDELTAPOINT, allowing a malicious RDP pee...

8.6CVSS6.2AI score0.00698EPSS
Exploits1References6
Metasploit
Metasploit
added last week30 views

FTP Fetch, Windows Executable Download (http,https,ftp) and Execute

Fetch and execute an x86 payload from an FTP server. Download an EXE from an HTTPS/FTP URL and execute it Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week33 views

FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include Msf::Payload::Adapter::Fetch::FTP includ...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week29 views

FTP Fetch, Windows x86 Bind Named Pipe Stager

Fetch and execute an x86 payload from an FTP server. Listen for a pipe connection Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week27 views

FTP Fetch, Windows x86 Bind Named Pipe Stager

Fetch and execute an x86 payload from an FTP server. Listen for a pipe connection Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week26 views

FTP Fetch, Reverse HTTP Stager Proxy

Fetch and execute an x86 payload from an FTP server. Tunnel communication over HTTP Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include Msf::Payload::Adapter::Fetch::FTP...

5.4AI score
Exploits0
Metasploit
Metasploit
added last week33 views

FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week27 views

FTP Fetch, Windows shellcode stage, Hidden Bind TCP Stager

Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options This module requires Metasploit: https://metasploit.com/download Current source:...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week35 views

FTP Fetch, Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week19 views

FTP Fetch, Generic x86 Debug Trap

Fetch and execute an x86 payload from an FTP server. Generate a debug trap in the target process Module Options...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week35 views

FTP Fetch, Windows Upload/Execute, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker over IPv6 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week24 views

FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week15 views

TFTP Fetch, Linux dup2 Command Shell, Bind TCP Stager

Fetch and execute an RISC-V 32-bit payload from a TFTP server. dup2 socket in s1, then execve. Listen for a connection Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week17 views

HTTPS Fetch, Linux dup2 Command Shell, Bind TCP Stager

Fetch and execute an RISC-V 32-bit payload from an HTTPS server. dup2 socket in s1, then execve. Listen for a connection Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week17 views

TFTP Fetch, Linux dup2 Command Shell, Reverse TCP Stager

Fetch and execute an RISC-V 32-bit payload from a TFTP server. dup2 socket in s1, then execve. Connect back to the attacker Module Options...

6.2AI score
Exploits0
Rows per page
Query Builder