
76 matches found

Cvelist
added 2026/03/05 6:0 a.m. | 25 views

CVE-2026-2418 Login with Salesforce <= 1.0.2 - Unauthenticated Authentication Bypass

The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to login through Salesforce, allowing unauthenticated users to be authenticated as any user such as admin by simply knowing the email...

0.00108 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2026/02/17 1:27 p.m. | 2 views

CVE-2025-2418

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows Phishing. This issue affects Web Application Firewall: from 4.30 through 16022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

4.3 CVSS | 5.5 AI score | 0.00011 EPSS
Exploits: 0 | References: 1
OpenVAS
added 2025/11/12 12:0 a.m. | 1 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2025-2418)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 7.8 AI score | 0.00114 EPSS
Exploits: 0 | References: 2
RedhatCVE
added 2025/05/23 9:57 a.m. | 9 views

CVE-2024-2418

A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /vieworder.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...

9.8 CVSS | 7.4 AI score | 0.00152 EPSS
Exploits: 1 | References: 1
RedhatCVE
added 2025/02/05 9:27 p.m. | 6 views

CVE-2022-2418

A vulnerability was found in URVE Web Manager. It has been classified as critical. This affects an unknown part of the file kreator.html5/imgupload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack. The exploit has been disclosed to the...

8 CVSS | 6.7 AI score | 0.0028 EPSS
Exploits: 1 | References: 1
OpenVAS
added 2024/09/12 12:0 a.m. | 50 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2418)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS | 9.7 AI score | 0.02683 EPSS
Exploits: 1 | References: 4
NVD
added 2024/03/13 6:15 p.m. | 16 views

CVE-2024-2418

A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /vieworder.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...

9.8 CVSS | 6.8 AI score | 0.00152 EPSS
Exploits: 1 | References: 3
Cvelist
added 2024/03/13 6:0 p.m. | 20 views

CVE-2024-2418 SourceCodester Best POS Management System view_order.php sql injection

A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /vieworder.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...

6.5 CVSS | 7.1 AI score | 0.00152 EPSS
Exploits: 1 | References: 3
CVE
added 2024/03/13 6:0 p.m. | 36 views

CVE-2024-2418

CVE-2024-2418 affects SourceCodester Best POS Management System 1.0. A vulnerability in /view_order.php, via the id parameter, allows SQL injection. Exploitation is possible remotely and details indicate a critical risk in some sources, with the exploit disclosed publicly. No patch/version fixes ...

9.8 CVSS | 6.8 AI score | 0.00152 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
Vulnrichment
added 2024/03/13 6:0 p.m. | 19 views

CVE-2024-2418 SourceCodester Best POS Management System view_order.php sql injection

A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /vieworder.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...

6.5 CVSS | 7.4 AI score | 0.00152 EPSS
Exploits: 1 | References: 3
CVE
added 2023/04/29 12:31 a.m. | 48 views

CVE-2023-2418

CVE-2023-2418 affects Konga version 2.8.3 running on Kong. The issue is in the Login API component, where handling leads to insufficiently random values. The documented attack complexity is high and exploitability is difficult, with multiple sources indicating the vulnerability could be exploited...

5.9 CVSS | 4.8 AI score | 0.00424 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
OpenVAS
added 2022/08/26 12:0 a.m. | 16 views

Ubuntu: Security Advisory (USN-2418-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 7.1 AI score | 0.0912 EPSS
Exploits: 4 | References: 2
Circl
added 2022/07/15 12:34 p.m. | 0 views

CVE-2022-2418

creationtimestamp| type| source ---|---|--- 2022-07-15 12:34:17+00:00| seen| https://t.me/cibsecurity/46293...

8 CVSS | 7.9 AI score | 0.0028 EPSS
Exploits: 1 | References: 1
Vulnrichment
added 2022/07/15 6:10 a.m. | 4 views

CVE-2022-2418 URVE Web Manager img_upload.php unrestricted upload

A vulnerability was found in URVE Web Manager. It has been classified as critical. This affects an unknown part of the file kreator.html5/imgupload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack. The exploit has been disclosed to the...

8 CVSS | 7 AI score | 0.0028 EPSS
Exploits: 1 | References: 2
CVE
added 2022/07/15 6:10 a.m. | 45 views

CVE-2022-2418

The CVE-2022-2418 entry concerns URVE Web Manager. Affects the file kreator.html5/img_upload.php, where an unrestricted file upload is possible. Underlying cause is unsafe file upload handling in that component, enabling potentially malicious code or data to be uploaded. The vulnerability is clas...

8 CVSS | 7.9 AI score | 0.0028 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
Rockylinux
added 2021/09/21 7:13 a.m. | 80 views

mysql:8.0 security, bug fix, and enhancement update

An update is available for mecab-ipadic, mecab, mysql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MySQL is a multi-user, multi-threaded SQL database server...

8 CVSS | 7.2 AI score | 0.51799 EPSS
Exploits: 3
OpenVAS
added 2021/07/22 12:0 a.m. | 26 views

Oracle MySQL Server 8.0 <= 8.0.25 Security Update (cpujul2021) - Windows

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

8 CVSS | 5.8 AI score | 0.05389 EPSS
Exploits: 0 | References: 2
OSV
added 2021/07/21 3:15 p.m. | 17 views

CVE-2021-2418

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9 CVSS | 5.8 AI score
Exploits: 0 | References: 2
CVE
added 2021/07/20 10:44 p.m. | 152 views

CVE-2021-2418

CVE-2021-2418 affects Oracle MySQL Server (Server: Optimizer). The vulnerability is exploitable in affected MySQL Server versions 8.0.25 and earlier, enabling a high-privilege attacker with network access via multiple protocols to cause a hang or crash (complete DOS). Public-document details cons...

4.9 CVSS | 4.7 AI score | 0.00266 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2021/07/20 10:44 p.m. | 14 views

CVE-2021-2418

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9 CVSS | 5.9 AI score | 0.00266 EPSS
Exploits: 0 | References: 2