Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

80 matches found

EUVD
EUVDadded 2026/01/22 4:52 p.m.3 views

EUVD-2026-3901

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Piqes piqes allows PHP Local File Inclusion.This issue affects Piqes: from n/a through = 1.0.11...

5.5AI score0.00066EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/01/16 12:0 a.m.3 views

MiracleLinux 7 : etcd-3.2.26-1.el7 (AXSA:2019-3901:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3901:01 advisory. Security Fix - etcd RABC etcd gRPC-gateway REST API TLS RBAC Common Name CN CVE-2018-16886 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding...

8.1CVSS7.1AI score0.00486EPSS
Exploits0References2
NVD
NVDadded 2025/11/26 7:16 a.m.2 views

CVE-2025-13735

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR LapwingLinux on Linux nrfw modules. This vulnerability is associated with program files Code/nrfw/DLP/src/NrCgi.C. This issue affects LapwingLinux: before 2025/11/26...

7.4CVSS0.00053EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:28 p.m.4 views

CVE-2021-3901

firefly-iii is vulnerable to Cross-Site Request Forgery CSRF...

8.8CVSS6.8AI score0.0008EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/21 9:21 p.m.5 views

CVE-2008-3901

Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this...

2.1CVSS6.3AI score0.00048EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/21 7:55 p.m.8 views

CVE-2009-3901

Multiple cross-site scripting XSS vulnerabilities in e-Courier CMS allow remote attackers to inject arbitrary web script or HTML via the UserGUID parameter to home/index.asp and other unspecified vectors...

4.3CVSS6AI score0.00513EPSS
Exploits1References1
Circl
Circladded 2025/05/15 8:33 p.m.0 views

CVE-2024-3901

creationtimestamp| type| source ---|---|--- 2025-05-15 20:33:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16562...

6.8CVSS4.8AI score0.00339EPSS
Exploits1References1
NVD
NVDadded 2025/05/15 8:15 p.m.8 views

CVE-2024-3901

The Genesis Blocks WordPress plugin through 3.1.3 does not properly escape attributes provided to some of its custom blocks, making it possible for users allowed to write posts like those with the contributor role to conduct Stored XSS attacks...

6.8CVSS0.00339EPSS
Exploits1References1
Circl
Circladded 2025/04/23 9:10 p.m.2 views

CVE-2025-3901

creationtimestamp| type| source ---|---|--- 2025-04-23 21:10:22+00:00| seen| https://t.me/cvedetector/23602...

6.1CVSS4.8AI score0.00311EPSS
Exploits0References1
NVD
NVDadded 2025/04/23 5:16 p.m.7 views

CVE-2025-3901

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...

6.1CVSS0.00311EPSS
Exploits0References1
CVE
CVEadded 2025/04/23 5:7 p.m.48 views

CVE-2025-3901

The CVE-2025-3901 entry concerns the Drupal Bootstrap Site Alert module, where improper input neutralization in web page generation enables Cross-Site Scripting (XSS). Affected versions are Drupal Bootstrap Site Alert 0.0.0 up to 1.12.0 and 3.0.0 up to 3.0.3. The root cause is unsafe handling of ...

6.1CVSS6.1AI score0.00311EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/04/23 5:7 p.m.5 views

CVE-2025-3901 Bootstrap Site Alert - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-042

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting XSS.This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4...

0.00311EPSS
Exploits0References1
OpenVAS
OpenVASadded 2024/09/30 12:0 a.m.16 views

Debian: Security Advisory (DLA-3901-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.00315EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/01/24 8:23 p.m.2 views

Malicious code in wlwz-2312-3901 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 81581a49eae6a786226b0382a1502d12408b75ef25ae916cce4b8e981e3d02a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
CVE
CVEadded 2023/02/20 6:7 p.m.42 views

CVE-2022-3901

Visioweb.js 1.10.6 is affected by CVE-2022-3901 due to prototype pollution, enabling XSS on the client system. The issue is documented across multiple feeds (NVD, Red Hat, CVE listings). The root cause is prototype contamination in Visioweb.js, with the visible impact described as client-side XSS...

7.2CVSS6.2AI score0.00312EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/02/20 6:7 p.m.5 views

CVE-2022-3901 Visioweb.js - Prototype Pollution can results in XSS

Prototype Pollution in Visioweb.js 1.10.6 allows attackers to execute XSS on the client system...

7.2CVSS6.3AI score0.00312EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/02/20 6:7 p.m.13 views

CVE-2022-3901 Visioweb.js - Prototype Pollution can results in XSS

Prototype Pollution in Visioweb.js 1.10.6 allows attackers to execute XSS on the client system...

7.2CVSS6.9AI score0.00312EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2023/02/15 4:3 a.m.1 views

SUSE CVE-2020-3901

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrar...

8.8CVSS7.8AI score0.00953EPSS
Exploits0References6
Circl
Circladded 2021/10/28 12:16 a.m.1 views

CVE-2021-3901

creationtimestamp| type| source ---|---|--- 2021-10-28 00:16:24+00:00| seen| https://t.me/cibsecurity/31330...

8.8CVSS5.3AI score0.0008EPSS
Exploits1References1
OSV
OSVadded 2021/10/27 9:15 p.m.12 views

CVE-2021-3901

firefly-iii is vulnerable to Cross-Site Request Forgery CSRF...

8.8CVSS6.9AI score
Exploits0References2
Rows per page
Query Builder