5340 matches found
PT-2026-28196
A flaw has been found in SourceCodester Malawi Online Market 1.0. The impacted element is an unknown function of the file /display.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be...
Negotiating with the Board: Translating Active Risk into Financial Exposure
Security leaders rarely struggle to produce data. The challenge is turning that data into something the board can use to make decisions. Walk into a board meeting with a slide showing 1,200 critical vulnerabilities and 44 internet-facing assets, and you will likely see polite acknowledgment rathe...
What is CTEM? A Guide to Proactive Cybersecurity
Most security teams are great at finding problems. The real challenge is figuring out which problems to solve first. When everything is a priority, nothing is. This is a common frustration that leaves teams feeling overworked and unsure if their efforts are making a real difference. A more...
EUVD-2026-2952
Path Traversal vulnerability exists in multiple Network Cameras TRIFORA 3 series provided by TOA Corporation. If this vulnerability is exploited, arbitrary files on the affected product may be retrieved by a logged-in user with the low"monitoring user" or higher privilege...
CVE-2019-20831
An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.5.0.20733. It has void data mishandling, causing a crash...
CVE-2023-29031
A cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation...
CVE-2019-16887
In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at image00400000+0x000000000001dcfc...
Exploit for Cross-site Scripting in Exclusiveaddons Exclusive_Addons_For_Elementor
PoCSmith AI-Powered Proof-of-Concept Generator for Security...
PT-2025-50332
Hi All, Looking at the Action1 reports, and unable to see anything which would be useful to for reporting from for the vulnerability of devices. I'm looking for an export with the data similar to the below DeviceName, CveId, Severity, CVSS, PatchAvailable, Product, OS, LastSeen PC-001,...
CVE-2024-40965
creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...
CVE-2025-38280
creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...
Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools
If you're using community tools like Chocolatey or Winget to keep systems updated, you're not alone. These platforms are fast, flexible, and easy to work with—making them favorites for IT teams. But there's a catch... The very tools that make your job easier might also be the reason your systems...
ReVul-CoT: Towards Effective Software Vulnerability Assessment with Retrieval-Augmented Generation and Chain-Of-Thought Prompting
Context: Software Vulnerability Assessment SVA plays a vital role in evaluating and ranking vulnerabilities in software systems to ensure their security and reliability. Objective: Although Large Language Models LLMs have recently shown remarkable potential in SVA, they still face two major...
Chasing One-Day Vulnerabilities across Open Source Forks
Tracking vulnerabilities inherited from third-party open-source components is a well-known challenge, often addressed by tracing the threads of dependency information. However, vulnerabilities can also propagate through forking: a repository forked after the introduction of a vulnerability, but...
F5 Confirms Nation-State Breach, Source Code and Vulnerability Data Stolen
F5 has confirmed it was the victim of a state-sponsored cyberattack that allowed hackers to access its internal…...
CVE-2025-59200
CVE-2025-59200 describes a race-condition vulnerability in the Data Sharing Service Client where concurrent access to a shared resource allows an unauthorized local attacker to spoof locally. The CVE entry states a base CVSS v3.1 score of 7.7 ( HIGH ), with LOCAL attack vector, LOW confidentialit...
EUVD-2018-14492
Malware in sbrugna...
EUVD-2018-11715
Malware in sbrugna...
EUVD-2016-3056
Malware in sbrugna...
EUVD-2020-29385
Malware in sbrugna...