The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive s...
The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages.
The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application instal...
CVE-2024-1698 – NotificationX WordPress Plugin SQL Injection Time‑Based Blind Unauthenticated Time‑Based Blind SQL Injection → Extract admin userna...
The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection.
OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, whi...
nginx-rift-scanner Dependency-free Python 3 scanner for CVE-2026-42945 "NGINX Rift" — a CVSS v4.0 9.2 CRITICAL heap-based buffer overflow CWE-122 i...
DOMPurify re-clone bypass. Instead of relying on easily stripped source comments or version variables, this tool performs logic fingerprinting on m...
No description provided...
CrowCpp Crow through v1.3.1 HTTP is vulnerable to response header injection via unvalidated response header values.
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
