AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the targ...
AVideo through version 27.0 contains a server-side request forgery vulnerability in plugin/Live/test.php that allows authenticated administrators t...
AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing Pay...
vLLM versions >= 0.10.2 and < 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tens...
vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression denial of service (ReDoS) vulnerabilities. Several regex patterns — in vllm/...
Flowise 3.1.2 Custom MCP Environment Variable Case Bypass PoC This repository documents and validates an authenticated Windows ACE/RCE-class issue ...
No description provided...
Cybersecurity Home Lab Overview This project documents my beginner cybersecurity home lab using VMware, Kali Linux, Metasploitable 2, and DVWA. The...
🚩 CTF / Hackathon Starter Pack A complete, offline-ready toolkit for cyber CTFs and hackathons Hack The Box / picoCTF / TryHackMe style. Everythin...
Capgo before 12.128.2 contains an open redirect vulnerability in the confirm-signup endpoint that allows attackers to redirect users to arbitrary e...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
