
25 matches found

RedhatCVE
added 2026/01/14 6:22 p.m. | 1 views

CVE-2026-20858

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVSS 7.8, AI score 7.1, EPSS 0.00036
Exploits: 0, References: 1

OSV
added 2026/01/13 6:16 p.m. | 2 views

CVE-2026-20858

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVSS 7.8, AI score 5.8, EPSS 0.00036
Exploits: 0, References: 1

Circl
added 2026/01/13 6:1 p.m. | 4 views

CVE-2026-20858

creationtimestamp | type | source
---|---|---
2026-01-13 18:01:16+00:00 | seen | https://www.thezdi.com/blog/2026/1/13/the-january-2026-security-update-review
2026-01-13 18:16:30+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2026-0007
2026-04-10 10:53:42+00:00 | seen | ...

CVSS 7.8, AI score 5.7, EPSS 0.00036
Exploits: 0, References: 2

Cvelist
added 2026/01/13 5:56 p.m. | 19 views

CVE-2026-20858 Windows Management Services Elevation of Privilege Vulnerability

...

CVSS 7.8, EPSS 0.00036
Exploits: 0, References: 1

RedhatCVE
added 2025/05/23 7:56 a.m. | 5 views

CVE-2024-20858

Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application...

CVSS 5.5, AI score 6.4, EPSS 0.0009
Exploits: 0, References: 1

RedhatCVE
added 2025/05/23 3:6 a.m. | 4 views

CVE-2023-20858

VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x prior to 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying...

CVSS 7.2, AI score 7.2, EPSS 0.03674
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 7:8 p.m. | 5 views

CVE-2021-20858

Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

CVSS 5.4, AI score 6.4, EPSS 0.00209
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 8:6 a.m. | 8 views

CVE-2018-20858

Recommender before 2018-07-18 allows XSS...

CVSS 6.1, AI score 6.9, EPSS 0.0024
Exploits: 0, References: 1

The Hacker News
added 2023/02/22 4:55 a.m. | 4 views

VMware Patches Critical Vulnerability in Carbon Black App Control Product

VMware on Tuesday released patches to address a critical security vulnerability affecting its Carbon Black App Control product. Tracked as CVE-2023-20858, the shortcoming carries a CVSS score of 9.1 out of a maximum of 10 and impacts App Control versions 8.7.x, 8.8.x, and 8.9.x. The virtualizati...

CVSS 9.1, AI score 7.5, EPSS 0.03674
Exploits: 0

The Hacker News
added 2023/02/22 4:55 a.m. | 69 views

VMware Patches Critical Vulnerability in Carbon Black App Control Product

VMware on Tuesday released patches to address a critical security vulnerability affecting its Carbon Black App Control product. Tracked as CVE-2023-20858, the shortcoming carries a CVSS score of 9.1 out of a maximum of 10 and impacts App Control versions 8.7.x, 8.8.x, and 8.9.x. The virtualizatio...

CVSS 9.1, AI score 3.2, EPSS 0.03674
Exploits: 0

Circl
added 2023/02/22 2:17 a.m. | 2 views

CVE-2023-20858

creationtimestamp | type | source
---|---|---
2023-02-22 02:17:07+00:00 | seen | https://t.me/cibsecurity/58658
2023-02-22 06:06:59+00:00 | seen | https://t.me/thehackernews/3078
2023-02-22 09:26:25+00:00 | exploited | https://t.me/truesecator/4100
2023-02-22 10:40:44+00:00 | seen | ...

CVSS 7.2, AI score 7.4, EPSS 0.03674
Exploits: 0, References: 5

OSV
added 2023/02/22 12:15 a.m. | 1 views

CVE-2023-20858

VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x prior to 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying...

CVSS 7.2, AI score 5.8, EPSS 0.03674
Exploits: 0, References: 1

VMware
added 2023/02/21 12:0 a.m. | 41 views

VMware Carbon Black App Control updates address an injection vulnerability (CVE-2023-20858)

3. Injection Vulnerability CVE-2023-20858 VMware Carbon Black App Control contains an injection vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.1...

CVSS 5.8, AI score 7.6, EPSS 0.03674
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2023/02/21 12:0 a.m. | 150 views

CVE-2023-20858

CVE-2023-20858 affects VMware Carbon Black App Control management servers in versions 8.7.x before 8.7.8, 8.8.x before 8.8.6, and 8.9.x before 8.9.4. The issue is described as an injection vulnerability where a user with privileged access to the App Control administration console can supply speci...

CVSS 7.2, AI score 7.1, EPSS 0.03674
Exploits: 0, References: 1, Affected Software: 1

Circl
added 2022/07/21 7:12 a.m. | 0 views

CVE-2022-20858

creationtimestamp | type | source
---|---|---
2022-07-21 07:12:59+00:00 | seen | https://t.me/cibsecurity/46735
2022-07-21 19:30:04+00:00 | seen | https://t.me/truesecator/3205
2022-09-30 14:54:14+00:00 | seen | https://t.me/thehackernews/2394...

CVSS 9.8, AI score 8.9, EPSS 0.01433
Exploits: 0, References: 3

CVE
added 2022/07/21 3:45 a.m. | 126 views

CVE-2022-20858

CVE-2022-20858 affects Cisco Nexus Dashboard for data centers/cloud networks. The issue stems from insufficient access control on a specific API, enabling an unauthenticated, remote attacker to execute arbitrary commands and read or upload container image files, and to perform a CSRF attack. Affe...

CVSS 9.8, AI score 8.6, EPSS 0.01433
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2022/07/21 3:45 a.m. | 22 views

CVE-2022-20858 Cisco Nexus Dashboard Unauthorized Access Vulnerabilities

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details section of this...

CVSS 9.8, AI score 9.8, EPSS 0.01433
Exploits: 0, References: 1

Circl
added 2021/12/01 7:35 a.m. | 1 views

CVE-2021-20858

creationtimestamp | type | source
---|---|---
2021-12-01 07:35:16+00:00 | seen | https://t.me/cibsecurity/33168...

CVSS 5.4, AI score 5.5, EPSS 0.00209
Exploits: 0, References: 1

NVD
added 2021/12/01 3:15 a.m. | 10 views

CVE-2021-20858

Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

CVSS 5.4, EPSS 0.00209
Exploits: 0, References: 2

CVE
added 2021/12/01 2:15 a.m. | 44 views

CVE-2021-20858

CVE-2021-20858 is a cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and earlier. The issue allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors, potentially affecting the logged-in user’s browser session. The linked doc...

CVSS 5.4, AI score 5.7, EPSS 0.00209
Exploits: 0, References: 2, Affected Software: 1