Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20608 matches found

NVD
NVDadded 2026/04/29 8:16 p.m.4 views

CVE-2018-25311

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...

7.1CVSS0.00596EPSS
Exploits0References3
NVD
NVDadded 2026/04/29 8:16 p.m.2 views

CVE-2018-25312

LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interface. Attackers can exploit the upload endpoint with directory traversal sequences to write files to...

7.1CVSS0.00933EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/04/29 7:25 p.m.4 views

CVE-2018-25311

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...

7.1CVSS5.9AI score0.00596EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/04/29 7:25 p.m.32 views

CVE-2018-25311 VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...

7.1CVSS0.00596EPSS
Exploits0References3
CVE
CVEadded 2026/04/29 7:25 p.m.6 views

CVE-2018-25311

VideoFlow Digital Video Protection DVP 2.10 is affected by an authenticated directory traversal vulnerability. An authenticated attacker can disclose arbitrary files by injecting path traversal sequences into the ID parameter when issuing requests to downloadsys.pl, download_xml.pl, download.pl, ...

7.1CVSS5.9AI score0.00596EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/29 7:25 p.m.5 views

EUVD-2018-21832

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows authenticated attackers to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl, downloadxml.pl,...

7.1CVSS5.2AI score0.00596EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/04/29 7:25 p.m.3 views

CVE-2018-25311 VideoFlow Digital Video Protection DVP 2.10 Authenticated Directory Traversal

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers with valid credentials to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl,...

7.1CVSS5.9AI score0.00596EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/29 7:24 p.m.26 views

CVE-2018-25312 LifeSize ClearSea 3.1.4 Directory Traversal Remote Code Execution

LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interface. Attackers can exploit the upload endpoint with directory traversal sequences to write files to...

7.1CVSS0.00933EPSS
Exploits0References2
CVE
CVEadded 2026/04/29 7:24 p.m.6 views

CVE-2018-25312

CVE-2018-25312 affects LifeSize ClearSea 3.1.4. The vulnerability is a directory traversal in the smartgui interface that, when combined with uploading and manipulating path parameters, allows an authenticated attacker with network access to write files to arbitrary locations and potentially achi...

7.1CVSS6AI score0.00933EPSS
Exploits0References2
EUVD
EUVDadded 2026/04/29 7:24 p.m.4 views

EUVD-2018-21833

LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interface. Attackers can exploit the upload endpoint with directory traversal sequences to write files to...

7.1CVSS6AI score0.00933EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/29 7:24 p.m.3 views

CVE-2018-25312 LifeSize ClearSea 3.1.4 Directory Traversal Remote Code Execution

LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interface. Attackers can exploit the upload endpoint with directory traversal sequences to write files to...

7.1CVSS6AI score0.00933EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletinsadded 2026/04/29 6:54 p.m.5 views

Security Bulletin: Multiple vulnerabilities in PostgreSQL affect PowerVM VIOS

Summary Vulnerabilities in PostgreSQL could allow an attacker to cause a denial of service CVE-2025-4207, read sensitive data CVE-2025-8713, or inject arbitrary code CVE-2025-8714, CVE-2025-8715. PowerVM VIOS uses PostgreSQL as part of Shared Storage Pools SSP and for internal administration...

8.8CVSS7.4AI score0.00709EPSS
Exploits2Affected Software1
Snyk
Snykadded 2026/04/29 2:22 p.m.4 views

Download of Code Without Integrity Check

Overview Affected versions of this package are vulnerable to Download of Code Without Integrity Check in the update process due to improper handling of attacker-controlled HTTP response headers. An attacker can achieve arbitrary code execution by influencing update responses to inject path...

9.8CVSS6.5AI score0.00625EPSS
Exploits1References2
NVD
NVDadded 2026/04/29 2:16 p.m.2 views

CVE-2026-5140

Improper neutralization of CRLF sequences 'CRLF injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects Pardus Update: from 0.6.3 before 0.6.4...

8.8CVSS0.00481EPSS
Exploits0References2
OSV
OSVadded 2026/04/29 1:50 p.m.3 views

USN-8223-1 roundcube vulnerabilities

It was discovered that Roundcube Webmail mishandled Punycode xn-- domain names. An attacker could possibly use this issue to cause a homograph attack. CVE-2019-15237 It was discovered that Roundcube Webmail did not properly sanitize certain attributes when handling CSS within HTML messages and...

9.3CVSS7AI score0.52099EPSS
Exploits6References8
Ubuntu
Ubuntuadded 2026/04/29 1:50 p.m.6 views

USN-8223-1: Roundcube Webmail vulnerabilities

It was discovered that Roundcube Webmail mishandled Punycode xn-- domain names. An attacker could possibly use this issue to cause a homograph attack. CVE-2019-15237 It was discovered that Roundcube Webmail did not properly sanitize certain attributes when handling CSS within HTML messages and...

9.3CVSS7AI score0.52099EPSS
Exploits6
IBM Security Bulletins
IBM Security Bulletinsadded 2026/04/29 1:24 p.m.12 views

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.13.1 Vulnerability Details CVEID:CVE-2026-22737 DESCRIPTION: Use of Java scripting engine enabled e.g. JRuby, Jython template views in Spring MVC and Spring WebFlux applications can result in disclosure of conten...

8.8CVSS8.7AI score0.48666EPSS
Exploits9Affected Software1
Cvelist
Cvelistadded 2026/04/29 1:2 p.m.28 views

CVE-2026-5140 Authorization Bypass in TUBITAK BILGEM's Pardus Update

Improper neutralization of CRLF sequences 'CRLF injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects Pardus Update: from 0.6.3 before 0.6.4...

8.8CVSS0.00481EPSS
Exploits0References2
CVE
CVEadded 2026/04/29 1:2 p.m.8 views

CVE-2026-5140

CVE-2026-5140 is a CRLF injection vulnerability in Pardus (TUBITAK BILGEM Software Technologies Research Institute). Affected: Pardus

8.8CVSS5.8AI score0.00481EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/29 1:2 p.m.0 views

CVE-2026-5140 Authorization Bypass in TUBITAK BILGEM's Pardus Update

Improper neutralization of CRLF sequences 'CRLF injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects Pardus Update: from 0.6.3 before 0.6.4...

8.8CVSS5.8AI score0.00481EPSS
Exploits0References2
Rows per page
Query Builder