
11 matches found

Cvelist
added 2026/04/02 5:26 p.m., 16 views

CVE-2026-34590 Postiz: SSRF via Webhook Creation Endpoint Missing URL Safety Validation

Postiz is an AI social media scheduling tool. Prior to version 2.21.4, the POST /webhooks/ endpoint for creating webhooks uses WebhooksDto which validates the url field with only @IsUrl format check, missing the @IsSafeWebhookUrl validator that blocks internal/private network addresses. The updat...

5.4 CVSS, 0.00039 EPSS
Exploits: 1, References: 3
OSV
added 2025/08/14 6:52 p.m., 2 views

MAL-2025-34590 Malicious code in tbkgzmwqjfnpekoi (npm)

The package tbkgzmwqjfnpekoi was found to contain malicious code...

7.2 AI score
Exploits: 0
OSV
added 2024/07/02 10:15 a.m., 1 views

CVE-2024-34590

Improper input validation in parsing an item type from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability...

4.3 CVSS, 5.8 AI score, 0.00555 EPSS
Exploits: 0, References: 1
CVE
added 2024/07/02 9:23 a.m., 53 views

CVE-2024-34590

CVE-2024-34590 affects librtp.so (pre-SMR Jul-2024 Release 1). The vulnerability stems from improper input validation when parsing an item type from RTCP SDES packets, enabling remote denial of service with user interaction required. Affected versions are librtp.so prior to SMR Jul-2024 Release 1...

5.3 CVSS, 4.9 AI score, 0.00555 EPSS
Exploits: 0, References: 1, Affected Software: 1
ATTACKERKB
added 2022/07/20 9:15 p.m., 1 views

CVE-2022-34590

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/admin.php...

7.2 CVSS, 6 AI score, 0.04193 EPSS
Exploits: 1, References: 3
CVE
added 2022/07/20 8:50 p.m., 75 views

CVE-2022-34590

Hospital Management System 1.0 is affected by a SQL injection via the editid parameter in /HMS/admin.php. Exploitation could allow an attacker to read data, modify data, and perform unauthorized administrative operations within the affected site, as described in the Nuclei template and CVE record...

7.2 CVSS, 7.2 AI score, 0.04193 EPSS
Exploits: 1, References: 1, Affected Software: 1
Circl
added 2022/04/27 8:13 p.m., 0 views

CVE-2021-34590

| creationtimestamp | type | source |
|---|---|---|
| 2022-04-27 20:13:18+00:00 | seen | https://t.me/cibsecurity/41511... |

5.4 CVSS, 5.5 AI score, 0.00347 EPSS
Exploits: 0, References: 1
CVE
added 2022/04/27 3:15 p.m., 67 views

CVE-2021-34590

CVE-2021-34590 affects Bender/ebee Charge Controllers. The issue is a Cross-site Scripting vulnerability where authenticated attackers can inject HTML code into configuration values, which are not properly escaped when displayed. Multiple sources confirm the vulnerability across several product l...

5.4 CVSS, 5.4 AI score, 0.00347 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2022/04/27 3:15 p.m., 12 views

CVE-2021-34590 Bender Charge Controller: Cross-site Scripting

Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML code into configuration values. These values are not properly escaped when displayed...

5.4 CVSS, 5.7 AI score, 0.00347 EPSS
Exploits: 0, References: 1
Cvelist
added 1976/01/01 12:0 a.m., 19 views

CVE-2025-34590

...

Exploits: 0
CVE
added 1976/01/01 12:0 a.m., 3 views

CVE-2025-34590

CVE-2025-34590 is rejected/not used and does not represent an active vulnerability entry.

6.6 AI score
Exploits: 0