Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

75 matches found

ATTACKERKB
ATTACKERKBadded 2026/03/23 7:54 p.m.1 views

CVE-2026-2298

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Salesforce Marketing Cloud Engagement allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 30th, 2026...

5.8AI score0.0007EPSS
Exploits0References2
Circl
Circladded 2026/03/23 7:16 p.m.2 views

CVE-2026-2298

creationtimestamp| type| source ---|---|--- 2026-03-23 19:16:25+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-2298...

9.4CVSS5.8AI score0.0007EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : dotnet5.0-5.0.203-1.el8.ML.1 (AXSA:2021-2298:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2298:06 advisory. dotnet: .NET Core single-file application privilege escalation CVE-2021-31204 In order for the update to be complete, self-contained applications deployed...

7.8CVSS7.4AI score0.03717EPSS
Exploits0References2
EUVD
EUVDadded 2026/01/13 3:29 p.m.1 views

EUVD-2026-2298

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Limit numsyncs to prevent oversized allocations The exec and vmbind ioctl allow userspace to specify an arbitrary numsyncs value. Without bounds checking, a very large numsyncs can force an excessively large allocation,...

5.9AI score0.00032EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/01/09 10:15 a.m.4 views

CVE-2019-2298

Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...

7.8CVSS9.3AI score0.00044EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-2298

Malicious code in bioql PyPI...

7.5CVSS8AI score0.01314EPSS
Exploits0References1
OSV
OSVadded 2025/08/23 9:26 a.m.1 views

CGA-8CRV-MQJ3-2298

Bulletin has no description...

7.7CVSS8.6AI score0.00126EPSS
Exploits0
Circl
Circladded 2025/04/21 4:2 p.m.5 views

CVE-2025-2298

creationtimestamp| type| source ---|---|--- 2025-04-21 16:02:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12684 2025-04-21 18:09:13+00:00| seen| https://t.me/cvedetector/23438 2025-04-21 18:31:51+00:00| published-proof-of-concept| Telegram/5EJUZnGupE7gi7RJmr2FV0ZRgpmrRFRfEIarwGmxg4P8ExE...

8.4CVSS4.8AI score0.00175EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/04/21 3:12 p.m.15 views

CVE-2025-2298 Authenticated API Endpoint Allows Arbitrary File Deletion in Dremio Software

An improper authorization vulnerability in Dremio Software allows authenticated users to delete arbitrary files that the system has access to, including system files and files stored in remote locations such as S3, Azure Blob Storage, and local filesystems. This vulnerability exists due to...

8.4CVSS6.6AI score0.00175EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2024/05/06 12:0 a.m.23 views

Oracle Linux 9 : tigervnc (ELSA-2024-2298)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2298 advisory. - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice Resolves: RHEL-20389 - Fix CVE-2024-21885 tigervnc:...

9.8CVSS6.9AI score0.03015EPSS
Exploits0References3
Circl
Circladded 2024/03/08 8:21 a.m.0 views

CVE-2024-2298

creationtimestamp| type| source ---|---|--- 2024-03-08 08:21:55+00:00| seen| https://t.me/ctinow/203131 2024-03-08 08:26:43+00:00| seen| https://t.me/ctinow/203139...

4.3CVSS6.2AI score0.00066EPSS
Exploits0References2
OSV
OSVadded 2024/03/08 7:15 a.m.0 views

CVE-2024-2298

The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the atkpimportproduct function in all versions up to, and including, 3.5.4. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.6AI score
Exploits0References2
CVE
CVEadded 2024/03/08 6:58 a.m.76 views

CVE-2024-2298

CVE-2024-2298 affects the WordPress plugin “affiliate-toolkit – WordPress Affiliate Plugin”. The root cause is a missing capability check in the atkp_import_product() function, leading to broken access control. This allows authenticated users with subscriber-level access and above to perform unau...

4.3CVSS4.9AI score0.00066EPSS
Exploits0References2Affected Software1
Patchstack
Patchstackadded 2024/03/08 12:0 a.m.10 views

WordPress affiliate-toolkit Plugin <= 3.5.4 is vulnerable to Broken Access Control

Software affiliate-toolkit Type Plugin Vulnerable versions = 3.5.4 Fixed in 3.5.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-2298 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d859163539c3 Credits Lucio Sá Required privilege...

4.3CVSS6.5AI score0.00066EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2023/12/07 6:15 p.m.0 views

CVE-2023-41168

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability issue 1 of 4...

5.4CVSS5.7AI score0.00569EPSS
Exploits0References2
OSV
OSVadded 2023/12/07 6:15 p.m.1 views

CVE-2023-41168

NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability issue 1 of 4...

5.4CVSS5.8AI score0.00569EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2023/12/07 12:0 a.m.1 views

PT-2023-27846 · Netscout · Ngeniusone

Name of the Vulnerable Software and Affected Versions: NetScout nGeniusONE version 6.3.4 build 2298 Description: The issue is a Reflected Cross-Site scripting vulnerability. Recommendations: For NetScout nGeniusONE version 6.3.4 build 2298, consider disabling the affected feature or restricting...

6.1CVSS6.1AI score0.00227EPSS
Exploits0References5
CVE
CVEadded 2023/12/07 12:0 a.m.28 views

CVE-2023-41172

CVE-2023-41172 affects NetScout nGeniusONE 6.3.4 build 2298, with a stored cross-site scripting vulnerability (issue 4 of 4). The initial entry notes a stored XSS vulnerability; CVSSv3.1 base score 5.4 (NETWORK, LOW attack complexity, user interaction required). The connected documents provide no...

5.4CVSS5.3AI score0.00324EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2023/12/07 12:0 a.m.38 views

CVE-2023-41171

NetScout nGeniusONE 6.3.4 build 2298 is affected by a Stored Cross-Site Scripting vulnerability (issue 3 of 4). The CVE entry explicitly identifies NetScout nGeniusONE 6.3.4 build 2298 as vulnerable. From NVD metrics, the CVSS 3.1 base score is 5.4 (Medium) with an attack vector of NETWORK , atta...

5.4CVSS5.3AI score0.00475EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/12/07 12:0 a.m.10 views

CVE-2023-41170

NetScout nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting vulnerability...

6.4AI score0.00227EPSS
Exploits0References1
Rows per page
Query Builder