Login
FreshRSS
Login
Secure Planet Training Courses Updated For 2019 - Click Here
Main stream
Favourites (0)
My labels
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
ICS-CERT Alert Feed
InfoSec Resources
Infosec Island Latest Articles
Krebs on Security
McAfee Blogs
Naked Security
News โ Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security โ Cisco Blog
SecurityFocus News
The Hacker News
The Register - Security
The first stop for security news | Threatpost
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WIRED
WeLiveSecurity
ZDNet | security RSS
http://blog.trendmicro.com/feed
Tools
KitPloit - PenTest Tools!
Security Tool Files โ Packet Storm
ToolsWatch.org โ The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files โ Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Exploit-DB Updates
[webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
โ May 6
th
2025 at 00:00
Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
Exploit-DB Updates
[webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
โ May 6
th
2025 at 00:00
Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
Exploit-DB Updates
[webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
โ May 6
th
2025 at 00:00
ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Exploit-DB Updates
[local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
โ May 1
st
2025 at 00:00
Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
Exploit-DB Updates
[local] ZTE ZXV10 H201L - RCE via authentication bypass
โ May 1
st
2025 at 00:00
ZTE ZXV10 H201L - RCE via authentication bypass
Exploit-DB Updates
[local] Daikin Security Gateway 14 - Remote Password Reset
โ May 1
st
2025 at 00:00
Daikin Security Gateway 14 - Remote Password Reset
Exploit-DB Updates
[local] Microsoft - NTLM Hash Disclosure Spoofing (library-ms)
โ May 1
st
2025 at 00:00
Microsoft - NTLM Hash Disclosure Spoofing (library-ms)
Exploit-DB Updates
[local] unzip-stream 0.3.1 - Arbitrary File Write
โ April 30
th
2025 at 00:00
unzip-stream 0.3.1 - Arbitrary File Write
Exploit-DB Updates
[local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
โ April 22
nd
2025 at 00:00
tar-fs 3.0.0 - Arbitrary File Write/Overwrite
Exploit-DB Updates
[webapps] WordPress Core 6.2 - Directory Traversal
โ April 22
nd
2025 at 00:00
WordPress Core 6.2 - Directory Traversal
Exploit-DB Updates
[local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
โ April 22
nd
2025 at 00:00
Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
Exploit-DB Updates
[remote] OpenSSH server (sshd) 9.8p1 - Race Condition
โ April 22
nd
2025 at 00:00
OpenSSH server (sshd) 9.8p1 - Race Condition
Exploit-DB Updates
[remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
โ April 22
nd
2025 at 00:00
WonderCMS 3.4.2 - Remote Code Execution (RCE)
Exploit-DB Updates
[remote] code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
โ April 22
nd
2025 at 00:00
code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
Exploit-DB Updates
[remote] Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
โ April 22
nd
2025 at 00:00
Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
Exploit-DB Updates
[local] Microsoft Windows 11 - Kernel Privilege Escalation
โ April 22
nd
2025 at 00:00
Microsoft Windows 11 - Kernel Privilege Escalation
Exploit-DB Updates
[webapps] FoxCMS 1.2.5 - Remote Code Execution (RCE)
โ April 19
th
2025 at 00:00
FoxCMS 1.2.5 - Remote Code Execution (RCE)
Exploit-DB Updates
[webapps] Drupal 11.x-dev - Full Path Disclosure
โ April 19
th
2025 at 00:00
Drupal 11.x-dev - Full Path Disclosure
Exploit-DB Updates
[webapps] UJCMS 9.6.3 - User Enumeration via IDOR
โ April 18
th
2025 at 00:00
UJCMS 9.6.3 - User Enumeration via IDOR
Exploit-DB Updates
[webapps] KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
โ April 18
th
2025 at 00:00
KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
Exploit-DB Updates
[webapps] Tatsu 3.3.11 - Unauthenticated RCE
โ April 18
th
2025 at 00:00
Tatsu 3.3.11 - Unauthenticated RCE
Exploit-DB Updates
[webapps] Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
โ April 18
th
2025 at 00:00
Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
Exploit-DB Updates
[webapps] Apache Commons Text 1.10.0 - Remote Code Execution
โ April 18
th
2025 at 00:00
Apache Commons Text 1.10.0 - Remote Code Execution
Exploit-DB Updates
[remote] Langflow 1.3.0 - Remote Code Execution (RCE)
โ April 18
th
2025 at 00:00
Langflow 1.3.0 - Remote Code Execution (RCE)
Exploit-DB Updates
[webapps] Inventio Lite 4 - SQL Injection
โ April 18
th
2025 at 00:00
Inventio Lite 4 - SQL Injection
Exploit-DB Updates
[webapps] Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation
โ April 17
th
2025 at 00:00
Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation
Exploit-DB Updates
[local] AnyDesk 9.0.1 - Unquoted Service Path
โ April 17
th
2025 at 00:00
AnyDesk 9.0.1 - Unquoted Service Path
Exploit-DB Updates
[webapps] compop.ca 3.5.3 - Arbitrary code Execution
โ April 17
th
2025 at 00:00
compop.ca 3.5.3 - Arbitrary code Execution
Exploit-DB Updates
[webapps] Usermin 2.100 - Username Enumeration
โ April 17
th
2025 at 00:00
Usermin 2.100 - Username Enumeration
Exploit-DB Updates
[hardware] ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
โ April 17
th
2025 at 00:00
ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
Exploit-DB Updates
[hardware] ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) - Authenticated Path Traversal
โ April 17
th
2025 at 00:00
ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) - Authenticated Path Traversal
Exploit-DB Updates
[webapps] Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)
โ April 17
th
2025 at 00:00
Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)
Exploit-DB Updates
[webapps] IBMi Navigator 7.5 - HTTP Security Token Bypass
โ April 17
th
2025 at 00:00
IBMi Navigator 7.5 - HTTP Security Token Bypass
Exploit-DB Updates
[remote] TP-Link VN020 F3v(T) TT_V6.2.1021 - Buffer Overflow Memory Corruption
โ April 17
th
2025 at 00:00
TP-Link VN020 F3v(T) TT_V6.2.1021 - Buffer Overflow Memory Corruption
Exploit-DB Updates
[remote] TP-Link VN020 F3v(T) TT_V6.2.1021 - Denial Of Service (DOS)
โ April 17
th
2025 at 00:00
TP-Link VN020 F3v(T) TT_V6.2.1021 - Denial Of Service (DOS)
Exploit-DB Updates
[hardware] ABB Cylon Aspect 4.00.00 (factorySaved.php) - Unauthenticated XSS
โ April 16
th
2025 at 00:00
ABB Cylon Aspect 4.00.00 (factorySaved.php) - Unauthenticated XSS
Exploit-DB Updates
[webapps] phpMyFAQ 3.2.10 - Unintended File Download Triggered by Embedded Frames
โ April 16
th
2025 at 00:00
phpMyFAQ 3.2.10 - Unintended File Download Triggered by Embedded Frames
Exploit-DB Updates
[hardware] ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php) - File Write DoS
โ April 16
th
2025 at 00:00
ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php) - File Write DoS
Exploit-DB Updates
[remote] WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page
โ April 16
th
2025 at 00:00
WebMethods Integration Server 10.15.0.0000-0092 - Improper Access on Login Page
Exploit-DB Updates
[webapps] ProConf 6.0 - Insecure Direct Object Reference (IDOR)
โ April 16
th
2025 at 00:00
ProConf 6.0 - Insecure Direct Object Reference (IDOR)
Exploit-DB Updates
[webapps] Ethercreative Logs 3.0.3 - Path Traversal
โ April 16
th
2025 at 00:00
Ethercreative Logs 3.0.3 - Path Traversal
Exploit-DB Updates
[webapps] FLIR AX8 1.46.16 - Remote Command Injection
โ April 16
th
2025 at 00:00
FLIR AX8 1.46.16 - Remote Command Injection
Exploit-DB Updates
[webapps] Car Rental Project 1.0 - Remote Code Execution
โ April 16
th
2025 at 00:00
Car Rental Project 1.0 - Remote Code Execution
Exploit-DB Updates
[local] Ruckus IoT Controller 1.7.1.0 - Undocumented Backdoor Account
โ April 16
th
2025 at 00:00
Ruckus IoT Controller 1.7.1.0 - Undocumented Backdoor Account
Exploit-DB Updates
[local] ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE)
โ April 16
th
2025 at 00:00
ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE)
Exploit-DB Updates
[webapps] KodExplorer 4.52 - Open Redirect
โ April 16
th
2025 at 00:00
KodExplorer 4.52 - Open Redirect
Exploit-DB Updates
[remote] Dell EMC iDRAC7/iDRAC8 2.52.52.52 - Remote Code Execution (RCE)
โ April 16
th
2025 at 00:00
Dell EMC iDRAC7/iDRAC8 2.52.52.52 - Remote Code Execution (RCE)
Exploit-DB Updates
[hardware] ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution
โ April 16
th
2025 at 00:00
ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) - Remote Code Execution
Exploit-DB Updates
[remote] Fortinet FortiOS, FortiProxy, and FortiSwitchManager 7.2.0 - Authentication bypass
โ April 16
th
2025 at 00:00
Fortinet FortiOS, FortiProxy, and FortiSwitchManager 7.2.0 - Authentication bypass
Exploit-DB Updates
[webapps] Garage Management System 1.0 (categoriesName) - Stored XSS
โ April 16
th
2025 at 00:00
Garage Management System 1.0 (categoriesName) - Stored XSS
Exploit-DB Updates
[webapps] WooCommerce Customers Manager 29.4 - Post-Authenticated SQL Injection
โ April 16
th
2025 at 00:00
WooCommerce Customers Manager 29.4 - Post-Authenticated SQL Injection
Exploit-DB Updates
[webapps] Smart Manager 8.27.0 - Post-Authenticated SQL Injection
โ April 16
th
2025 at 00:00
Smart Manager 8.27.0 - Post-Authenticated SQL Injection
Exploit-DB Updates
[remote] Hugging Face Transformers MobileViTV2 4.41.1 - Remote Code Execution (RCE)
โ April 16
th
2025 at 00:00
Hugging Face Transformers MobileViTV2 4.41.1 - Remote Code Execution (RCE)
Exploit-DB Updates
[webapps] Teedy 1.11 - Account Takeover via Stored Cross-Site Scripting (XSS)
โ April 16
th
2025 at 00:00
Teedy 1.11 - Account Takeover via Stored Cross-Site Scripting (XSS)
Exploit-DB Updates
[webapps] NagVis 1.9.33 - Arbitrary File Read
โ April 16
th
2025 at 00:00
NagVis 1.9.33 - Arbitrary File Read
Exploit-DB Updates
[webapps] Zabbix 7.0.0 - SQL Injection
โ April 16
th
2025 at 00:00
Zabbix 7.0.0 - SQL Injection
Exploit-DB Updates
[hardware] ABB Cylon Aspect 3.08.02 - Cross-Site Request Forgery (CSRF)
โ April 16
th
2025 at 00:00
ABB Cylon Aspect 3.08.02 - Cross-Site Request Forgery (CSRF)
Exploit-DB Updates
[webapps] phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS)
โ April 16
th
2025 at 00:00
phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS)
Exploit-DB Updates
[webapps] ABB Cylon Aspect 3.08.03 (MapServicesHandler) - Authenticated Reflected XSS
โ April 15
th
2025 at 00:00
ABB Cylon Aspect 3.08.03 (MapServicesHandler) - Authenticated Reflected XSS
Exploit-DB Updates
[webapps] ABB Cylon Aspect 3.08.03 - Hard-coded Secrets
โ April 15
th
2025 at 00:00
ABB Cylon Aspect 3.08.03 - Hard-coded Secrets
Load more articles
Login
FreshRSS