Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Packet Storm
Packet Stormadded 2026/05/14 12:0 a.m.31 views

📄 ePati Antikor NGFW 2.0.1301 Authentication Bypass

ePati Antikor NGFW version 2.0.1301 suffers from an authentication bypass vulnerability. Exploit Title: ePati Antikor NGFW 2.0.1301 - Authentication Bypass Date: 2026-04-13 Exploit Author: SADIK ERTÜRK Vendor Homepage: https://www.epati.com.tr/ Software Link: https://www.epati.com.tr/antikor-ngfw...

9.8CVSS5.8AI score0.02626EPSS
Exploits2
Snyk
Snykadded 2025/08/12 12:13 a.m.1 views

Missing Origin Validation in WebSockets

Overview Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via the CheckOrigin function in the api/terminal.go file. An attacker can execute arbitrary commands on the target system by tricking an authenticated user into visiting a malicious web page that...

8.8CVSS7.5AI score0.00837EPSS
Exploits0References2
GithubExploit
GithubExploitadded 2025/05/26 11:57 a.m.299 views

Exploit for Authentication Bypass Using an Alternate Path or Channel in Fortinet Fortiproxy

--port 443 --ssl Then use the prompt: FortiOS get sys...

9.8CVSS9.8AI score0.94124EPSS
Exploits9
RedhatCVE
RedhatCVEadded 2025/05/22 5:1 p.m.6 views

CVE-2020-25094

LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server with a LogRhythm Smart Response agent installed. By default, the commands are run with LocalSystem...

10CVSS7.3AI score0.12431EPSS
Exploits1
Packet Storm
Packet Stormadded 2025/05/19 12:0 a.m.78 views

📄 Remote Keyboard Desktop 1.0.1 Remote Code Execution

Remote Keyboard Desktop version 1.0.1 suffers from a remote code execution vulnerability. Exploit Title: Remote Keyboard Desktop 1.0.1 Remote Code Execution Date: 05/17/2025 Exploit Author: Chokri Hammedi Vendor Homepage: https://remotecontrolio.web.app/ Software Link:...

8.3AI score
Exploits0
Zero Science Lab
Zero Science Labadded 2025/02/07 12:0 a.m.330 views

ABB Cylon FLXeon 9.3.4 (wsConnect.js) WebSocket Command Spawning PoC

Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

9.4CVSS7.4AI score0.00146EPSS
Exploits4
GithubExploit
GithubExploitadded 2025/01/21 9:41 a.m.652 views

Exploit for Server-Side Request Forgery in Havocframework Havoc

CVE-2024-41570 | Havoc C2 SSRF with RCE | Automated Reverse Sh...

9.8CVSS7.1AI score0.74071EPSS
Exploits6
GithubExploit
GithubExploitadded 2020/01/07 11:31 a.m.2 views

Fast8690-exploit

Sagemcom Fast 3890 exploit This exploit uses the Cable Haunt...

7.3AI score
Exploits0
Rows per page
Query Builder