Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

113 matches found

Circl
Circladded 2026/02/24 5:56 a.m.0 views

CVE-2026-3065

creationtimestamp| type| source ---|---|--- 2026-02-24 05:56:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfliaovwdd2e...

8.8CVSS6.3AI score0.00112EPSS
Exploits1References1
CVE
CVEadded 2026/02/24 2:32 a.m.4 views

CVE-2026-3065

CVE-2026-3065 affects HummerRisk up to 1.5.0, specifically the Cloud Task Dry-run component. The issue is in the function CommandUtils.commonExecCmdWithResult of CloudTaskService.java, where manipulating the fileName argument enables command injection. Remote exploitation is possible, and the exp...

8.8CVSS6.4AI score0.00112EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/24 2:32 a.m.3 views

CVE-2026-3065 HummerRisk Cloud Task Dry-run CloudTaskService.java CommandUtils.commonExecCmdWithResult command injection

A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commonExecCmdWithResult of the file CloudTaskService.java of the component Cloud Task Dry-run. Performing a manipulation of the argument fileName results in command injection. Remote exploitation of the...

6.5CVSS5.6AI score0.00112EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/02/24 2:32 a.m.2 views

CVE-2026-3065

A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commonExecCmdWithResult of the file CloudTaskService.java of the component Cloud Task Dry-run. Performing a manipulation of the argument fileName results in command injection. Remote exploitation of the...

6.5CVSS5.2AI score0.00112EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-43756

Malicious code in bioql PyPI...

7.5CVSS6.7AI score0.00118EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:49 p.m.2 views

CVE-2022-3065

Improper Access Control in GitHub repository jgraph/drawio prior to 20.2.8...

7.5CVSS6.8AI score0.00355EPSS
Exploits1References1
Circl
Circladded 2025/04/24 9:12 a.m.3 views

CVE-2025-3065

creationtimestamp| type| source ---|---|--- 2025-04-24 09:12:26+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13210 2025-04-24 10:15:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnkhz7q6w32b 2025-04-24 11:48:18+00:00| seen|...

9.1CVSS8.7AI score0.03234EPSS
Exploits0References5
Cvelist
Cvelistadded 2025/04/24 8:23 a.m.16 views

CVE-2025-3065 Database Toolset <= 1.8.4 - Unauthenticated Arbitrary File Deletion

The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote co...

9.1CVSS0.03234EPSS
Exploits0References3
CVE
CVEadded 2025/04/24 8:23 a.m.68 views

CVE-2025-3065

CVE-2025-3065 affects the WordPress plugin Database Toolset (

9.1CVSS9.6AI score0.03234EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/03/03 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2010-3065

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent...

5CVSS6.2AI score0.00425EPSS
Exploits1References2
OpenVAS
OpenVASadded 2023/10/31 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-3065)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.8AI score0.00016EPSS
Exploits0References2
NVD
NVDadded 2023/06/05 9:15 a.m.7 views

CVE-2023-3065

Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile application AMXGT100 through 1.3.20...

9.1CVSS6.4AI score0.00118EPSS
Exploits2References1
Prion
Prionadded 2023/06/05 9:15 a.m.10 views

Code injection

Anonymous user may get the list of existing users managed by the application, that could ease further attacks see CVE-2023-3065 and 3066This issue affects Mobatime mobile application AMXGT100 through 1.3.20...

5CVSS7.1AI score0.00118EPSS
Exploits2References1Affected Software1
Cvelist
Cvelistadded 2023/06/05 8:27 a.m.11 views

CVE-2023-3065 Mobatime mobile application - Authentication bypass

Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile application AMXGT100 through 1.3.20...

9.1CVSS8.1AI score0.0006EPSS
Exploits2References1
CVE
CVEadded 2023/06/05 8:27 a.m.29 views

CVE-2023-3065

CVE-2023-3065 concerns the Mobatime mobile app AMXGT100, with an improper authentication flaw that enables authentication bypass up to version 1.3.20. The available description states the vulnerability is in the authentication mechanism and affects the Mobatime AMXGT100 application, but it does n...

9.1CVSS6.4AI score0.00118EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/06/05 8:27 a.m.9 views

CVE-2023-3065 Mobatime mobile application - Authentication bypass

Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile application AMXGT100 through 1.3.20...

9.1CVSS6.9AI score0.0006EPSS
Exploits2References1
SUSE CVE
SUSE CVEadded 2023/02/15 5:57 a.m.1 views

SUSE CVE-2010-3065

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...

5CVSS7.1AI score0.00425EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletinsadded 2022/09/22 3:2 a.m.43 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Asset and Service Management

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 5, 6, and 7 that are used by Maximo Asset Management, Maximo Asset Management Essentials, Maximo Asset Management for Energy Optimization, Maximo Industry Solutions including Maximo for Government, Maximo fo...

3.4CVSS4.3AI score0.93538EPSS
Exploits6Affected Software14
Circl
Circladded 2022/09/02 10:39 p.m.0 views

CVE-2022-3065

creationtimestamp| type| source ---|---|--- 2022-09-02 22:39:26+00:00| seen| https://t.me/cibsecurity/49253...

7.5CVSS5.8AI score0.00355EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2022/09/02 7:15 p.m.1 views

CVE-2022-3065

Improper Access Control in GitHub repository jgraph/drawio prior to 20.2.8...

7.5CVSS6.3AI score0.00355EPSS
Exploits1References3
Rows per page
Query Builder