Lucene search
K

1062 matches found

GithubExploit
GithubExploit
โ€ขadded 2026/05/18 11:28 a.m.โ€ข109 views

pentest-report-clinic-sangabriel

Penetration Test Report โ€” Clรญnica San Gabriel Overview Fu...

9.8CVSS6.1AI score0.9927EPSS
Exploits45
GithubExploit
GithubExploit
โ€ขadded 2026/05/09 10:38 a.m.โ€ข92 views

CoreExploit-Final

CoreExploit ๐Ÿ” Ethical Penetration Testing Learning Platfor...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
โ€ขadded 2026/05/07 12:0 a.m.โ€ข15 views

PT-2026-38614

Name of the Vulnerable Software and Affected Versions Cinny versions prior to 4.10.3 Description A remote authenticated attacker who shares a room with a victim and has permissions to create room emotes can cause the victim's client to send their Matrix access token to an attacker-controlled...

7.1CVSS5.9AI score0.00302EPSS
Exploits0References6
GithubExploit
GithubExploit
โ€ขadded 2026/05/02 4:58 p.m.โ€ข90 views

clan-nxt-toolkit

๐Ÿ”ด CLAN NXT Toolkit โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•—...

5.8AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
โ€ขadded 2026/04/29 12:0 a.m.โ€ข6 views

Kuse Web App Abused to Host Phishing Document

Bad actors took advantage of the legitimate name and services of Kuse, a popular AI-based app designed for workplaces. The attackers exploited the usersโ€™ trust in Kuse to carry out a phishing attack...

5.4AI score
Exploits0
GithubExploit
GithubExploit
โ€ขadded 2026/04/24 9:53 a.m.โ€ข114 views

darkmarket-vuln-lab

๐Ÿ•ถ๏ธ Dark Market Simulator An intentionally vulnerable CTF-...

5.9AI score
Exploits0
GithubExploit
GithubExploit
โ€ขadded 2026/04/14 4:45 a.m.โ€ข87 views

Vulnerable-Web-App-Scanner

Vulnerable-Web-App-Scanner Pent...

5.8AI score
Exploits0
SUSE CVE
SUSE CVE
โ€ขadded 2026/04/09 11:29 p.m.โ€ข9 views

SUSE CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

7.3AI score0.0017EPSS
Exploits0References3
EUVD
EUVD
โ€ขadded 2026/04/09 5:8 p.m.โ€ข5 views

EUVD-2026-20978

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to 27.0.3 and 28.0.1, the redirect parameter upon login to LORIS was not validating the value of the redirect as being within LORIS,...

4.3CVSS6AI score0.00204EPSS
Exploits0References4
UbuntuCve
UbuntuCve
โ€ขadded 2026/04/08 10:16 p.m.โ€ข4 views

CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

6.6CVSS5.8AI score0.0017EPSS
Exploits0References3
Debian CVE
Debian CVE
โ€ขadded 2026/04/08 9:20 p.m.โ€ข2 views

CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

6.6CVSS8.4AI score0.0017EPSS
Exploits0
CNNVD
CNNVD
โ€ขadded 2026/04/07 12:0 a.m.โ€ข8 views

Google Chrome ๅฎ‰ๅ…จๆผๆดž

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in PWA implementations. It could allow remote attackers who have infiltrated...

6.6CVSS7.5AI score0.0017EPSS
Exploits0References3
NVD
NVD
โ€ขadded 2026/03/31 10:16 a.m.โ€ข12 views

CVE-2026-4317

SQL inyection SQLi vulnerability in Umami Software web application through an improperly sanitized parameter, which could allow an authenticated attacker to execute arbitrary SQL commands in the database.Specifically, they could manipulate the value of the 'timezone' request parameter by includin...

9.3CVSS0.00345EPSS
Exploits0References1
CVE
CVE
โ€ขadded 2026/03/31 9:53 a.m.โ€ข11 views

CVE-2026-4317

CVE-2026-4317 describes an SQL injection in the Umami Software web application where an improperly sanitized timezone parameter is interpolated directly into SQL queries (potentially via prisma.rawQuery/prisma.$queryRawUnsafe or raw queries with ClickHouse). This authenticated-access vulnerabilit...

9.3CVSS6.2AI score0.00345EPSS
Exploits0References1
EUVD
EUVD
โ€ขadded 2026/03/25 6:31 p.m.โ€ข4 views

EUVD-2026-15485

Mattermost versions 11.4.x = 11.4.0, 11.3.x = 11.3.1, 11.2.x = 11.2.3, 10.11.x = 10.11.11 fail to prevent rendering of external SVGs on link embeds which allows unauthenticated users to crash the Mattermost webapp and desktop app via creating an issue or PR on GitHub.. Mattermost Advisory ID:...

4.3CVSS5.8AI score0.00351EPSS
Exploits0References2
NVD
NVD
โ€ขadded 2026/03/25 5:16 p.m.โ€ข6 views

CVE-2026-20719

Mattermost versions 11.4.x = 11.4.0, 11.3.x = 11.3.1, 11.2.x = 11.2.3, 10.11.x = 10.11.11 fail to prevent rendering of external SVGs on link embeds which allows unauthenticated users to crash the Mattermost webapp and desktop app via creating an issue or PR on GitHub.. Mattermost Advisory ID:...

7.5CVSS0.00351EPSS
Exploits0References1
Positive Technologies
Positive Technologies
โ€ขadded 2026/03/25 12:0 a.m.โ€ข12 views

PT-2026-27810

Name of the Vulnerable Software and Affected Versions Mattermost versions 11.4.0 and earlier Mattermost versions 11.3.1 and earlier Mattermost versions 11.2.3 and earlier Mattermost versions 10.11.11 and earlier Description The software does not properly prevent the rendering of external Scalable...

7.5CVSS5.9AI score0.00351EPSS
Exploits0References8
Snyk
Snyk
โ€ขadded 2026/03/24 12:48 p.m.โ€ข4 views

Malicious Package

Overview fancode-web-app is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
โ€ขadded 2026/03/24 12:48 p.m.โ€ข6 views

Malicious code in fancode-web-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e56c163153700b6fef7090e078a98b7c2403088e5c5f487344dc419af8adaa7 The package fancode-web-app was found to contain malicious code. Source: ghsa-malware a933e6c673f3cf2c4cb0e768570b64dcf627ac59e6b29c2e9afd5a5fb3d4396...

5.8AI score
Exploits0References1
OSV
OSV
โ€ขadded 2026/03/24 12:48 p.m.โ€ข11 views

MAL-2026-2130 Malicious code in fancode-web-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e56c163153700b6fef7090e078a98b7c2403088e5c5f487344dc419af8adaa7 The package fancode-web-app was found to contain malicious code. Source: ghsa-malware a933e6c673f3cf2c4cb0e768570b64dcf627ac59e6b29c2e9afd5a5fb3d4396...

5.8AI score
Exploits0References1
Rows per page
Query Builder