A mass assignment vulnerability exists in the MISP user edit functionality due to insufficient filtering of user-supplied fields in UsersController...
WordPress ARMember Premium plugin versions 7.3.1 and below suffer from an insecure password reset mechanism that allows for administrative account ...
CVE-2024-1813 - Simple Job Board ≤ 2.11.0 WordPress - Unauthenticated PHP Object Injection Proof-of-Concept demo End-to-end: a guest stores a se...
CVE-2026-41089 ...
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary c...
CVE-2026-34234 - CtrlPanel Installer RCE Lab Local Docker lab for demonstrating CVE-2026-34234 in CtrlPanel. This repository compares: - vuln: Ctrl...
Authorization bypass through User-Controlled SQL primary key vulnerability in Akmer Informatics Automation Industry and Trade Ltd. Co. TeknoPass al...
A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group wri...
The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost netw...
Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (MDM) endpoint address, shifting administrative ...