23 matches found

Microsoft CVE
added 27 minutes ago | 5 views

Chromium: CVE-2026-13029 Use after free in Web Authentication

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

7.5 CVSS | 5.8 AI score | 0.00149 EPSS
Exploits: 0
NVD
added 3 days ago | 6 views

CVE-2026-13029

Use after free in Web Authentication in Google Chrome prior to 149.0.7827.197 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

7.5 CVSS | 0.00149 EPSS
Exploits: 0 | References: 2
CVE
added 3 days ago | 17 views

CVE-2026-13029

CVE-2026-13029: Use-after-free in Web Authentication for Google Chrome, fixed in or after 149.0.7827.197. Affected component: Web Authentication flow; vulnerability arises when a user is convinced to install a malicious Chrome Extension, potentially enabling heap corruption via a crafted extensio...

7.5 CVSS | 5.9 AI score | 0.00149 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Circl
added 2025/12/31 6:37 a.m. | 4 views

CVE-2025-13029

creationtimestamp | type | source
---|---|---
2025-12-31 06:37:22+00:00 | seen | https://bsky.app/profile/potato.software/post/3mbbaupnewh24
2026-01-02 15:22:49+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mbh75gxx7u2p
2026-01-02 18:50:33+00:00 | seen | ...

7.5 CVSS | 5.7 AI score | 0.00213 EPSS
Exploits: 0 | References: 2
NVD
added 2025/12/31 6:15 a.m. | 5 views

CVE-2025-13029

The Knowband Mobile App Builder WordPress plugin before 3.0.0 does not have authorisation when deleting users via its REST API, allowing unauthenticated attackers to delete arbitrary users...

7.5 CVSS | 0.00213 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 6:54 a.m. | 6 views

CVE-2024-13029

A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack...

8.8 CVSS | 4.8 AI score | 0.00502 EPSS
Exploits: 1 | References: 1
RedhatCVE
added 2025/03/20 3:46 p.m. | 10 views

CVE-2019-13029

Multiple stored cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9 before 9.1.2 allow an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser...

4.8 CVSS | 5.9 AI score | 0.02469 EPSS
Exploits: 4 | References: 1
Circl
added 2025/03/19 8:18 p.m. | 4 views

CVE-2019-13029

creationtimestamp | type | source
---|---|---
2025-03-19 20:18:16+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/8145...

4.8 CVSS | 4.7 AI score | 0.02469 EPSS
Exploits: 4 | References: 1
Tenable Nessus
added 2025/03/04 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2017-13029

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options. CVE-2017-13029 Note that Nessus relies on the presence of th...

9.8 CVSS | 7 AI score | 0.03428 EPSS
Exploits: 0 | References: 2
NVD
added 2024/12/30 12:15 a.m. | 13 views

CVE-2024-13029

A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack...

8.8 CVSS | 0.00502 EPSS
Exploits: 1 | References: 4
Circl
added 2024/12/29 11:36 p.m. | 7 views

CVE-2024-13029

creationtimestamp | type | source
---|---|---
2024-12-29 23:36:57+00:00 | seen | https://infosec.exchange/users/cve/statuses/113738738400003723
2024-12-30 01:45:02+00:00 | seen | https://t.me/cvedetector/13909...

8.8 CVSS | 4.5 AI score | 0.00502 EPSS
Exploits: 1 | References: 2
Cvelist
added 2024/12/29 11:31 p.m. | 17 views

CVE-2024-13029 Antabot White-Jotter Edit Book book server-side request forgery

A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack...

5.3 CVSS | 0.00502 EPSS
Exploits: 1 | References: 4
CVE
added 2024/12/29 11:31 p.m. | 65 views

CVE-2024-13029

CVE-2024-13029 affects Antabot White-Jotter up to 0.2.2. The issue occurs in the Edit Book Handler’s /admin/content/book path, where an unknown function allows server-side request forgery (SSRF) and can be triggered remotely. Public exploit information exists. Connected sources confirm the vulner...

8.8 CVSS | 4.8 AI score | 0.00502 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
Vulnrichment
added 2024/12/29 11:31 p.m. | 9 views

CVE-2024-13029 Antabot White-Jotter Edit Book book server-side request forgery

A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack...

5.3 CVSS | 6.9 AI score | 0.00502 EPSS
Exploits: 1 | References: 4
Cvelist
added 2022/01/14 4:24 p.m. | 8 views

CVE-2020-13029

...

Exploits: 0
CVE
added 2022/01/14 4:24 p.m. | 23 views

CVE-2020-13029

CVE-2020-13029 is rejected and does not represent an active vulnerability entry.

6.7 AI score
Exploits: 0
exploitpack
added 2019/07/19 12:0 a.m. | 37 views

REDCap 9.1.2 - Cross-Site Scripting

REDCap 9.1.2 - Cross-Site Scripting Exploit Title: REDCap - Details: Since it is an onkeypress event, it is triggered whenever the user touches any key, and since the XSS payload is stored in the project name it appears in several pages. - Privileges: It requires admin privileges to store it. -...

3.5 CVSS | 5 AI score | 0.02469 EPSS
Exploits: 4
Packet Storm
added 2019/07/19 12:0 a.m. | 220 views

REDCap Cross Site Scripting

Exploit Title: REDCap - Details: Since it is an onkeypress event, it is triggered whenever the user touches any key, and since the XSS payload is stored in the project name it appears in several pages. - Privileges: It requires admin privileges to store it. - Location example:...

4.3 CVSS | 5.2 AI score | 0.02469 EPSS
Exploits: 4
CVE
added 2019/07/11 6:52 p.m. | 108 views

CVE-2019-13029

CVE-2019-13029 describes multiple stored XSS flaws in REDCap’s admin panel and survey system, affecting REDCap 8 prior to 8.10.20 and REDCap 9 prior to 9.1.2. The vulnerability allows an attacker with admin privileges to inject arbitrary HTML/JavaScript into a user’s browser, with the project nam...

4.8 CVSS | 5 AI score | 0.02469 EPSS
Exploits: 4 | References: 3 | Affected Software: 1
NVD
added 2017/09/14 6:29 a.m. | 20 views

CVE-2017-13029

The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options...

9.8 CVSS | 9.6 AI score | 0.03428 EPSS
Exploits: 0 | References: 7