Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/19 12:0 a.m.9 views

Malicious code in uri-parse (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
vulnersOsv
vulnersOsvadded 2026/05/19 12:0 a.m.6 views

@antv/dumi-theme-antv (>=0.3.0 <=0.8.4), @hjkl6/dumi-theme-antv (>=0.5.6 <=0.5.9) +3 more potentially affected by unknown CVE via uri-parse (=1.0.0)

uri-parse NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on uri-parse and may be impacted: - @antv/dumi-theme-antv =0.3.0, =0.5.6, =0.0.1, =0.1.1, =0.1.0, =0.1.1 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4157...

5.8AI score
Exploits0
Positive Technologies
Positive Technologiesadded 2022/03/03 12:0 a.m.3 views

PT-2022-16831 · Uri.Js · Uri.Js

Name of the Vulnerable Software and Affected Versions: URI.js versions prior to 1.19.9 Description: The issue arises from whitespace characters not being removed from the beginning of the protocol, resulting in improper URL parsing. This can cause protocol validation mechanisms to fail. The probl...

5.3CVSS5.4AI score0.00491EPSS
Exploits1References14
Exploit DB
Exploit DBadded 2015/09/02 12:0 a.m.25 views

YesWiki 0.2 - &#039;squelette&#039; Directory Traversal

Exploit Title: YESWIKI 0.2 - Path Traversal Date: 2015-09-02 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: http://yeswiki.net Software Link: https://github.com/YesWiki/yeswiki Version: yeswiki 0.2 Tested on: Debian Wheezy CVE : none...

7AI score
Exploits0
Exploit DB
Exploit DBadded 2008/08/06 12:0 a.m.32 views

LoveCMS 1.6.2 Final - Remote Code Execution

!/usr/bin/ruby Exploit by PoMdaPiMp! --------------------- pomdapimpatgmaildotcom LoveCMS Exploit Series Episode 1: adding a side block Description: add some php into a block container on the side of the site. phpinfo is called. Usage: ./LoveCMS1blocks.rb Ex: ./LoveCMS1blocks.rb...

7AI score
Exploits0
0day.today
0day.todayadded 2008/08/06 12:0 a.m.15 views

LoveCMS 1.6.2 Final Update Settings Remote Exploit

Exploit for unknown platform in category web applications ================================================== LoveCMS 1.6.2 Final Update Settings Remote Exploit ================================================== !/usr/bin/ruby Exploit by PoMdaPiMp! --------------------- LoveCMS Exploit Series...

7.1AI score
Exploits0
Rows per page
Query Builder