Lucene search

6 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux - vulnerability in symfony

Symfony is a PHP framework for web and console applications, along with a set of reusable PHP components. The ability to enumerate users was possible without requiring relevant permissions, as the handling differed depending on whether the user existed or not when trying to use the “switch users”...

CVSS: 5.3, AI score: 6.1, EPSS: 0.00337
Exploits: 1, References: 2
Veracode
added 2025/04/07 2:37 a.m., 6 views

Denial Of Service (DoS)

@directus/storage-driver-s3 is vulnerable to Denial Of Service (DoS). The vulnerability is due to asset unavailability caused by excessive HEAD requests, which allows an attacker to trigger 403 errors for all assets and deny access across all Directus policies...

CVSS: 5.3, AI score: 7, EPSS: 0.00208
Exploits: 1, References: 3, Affected Software: 3
Github Security Blog
added 2025/03/26 5:20 p.m., 11 views

Directus's S3 assets become unavailable after a burst of HEAD requests

Summary: There are some tools that use Directus to sync content and assets. Some of those tools use the HEAD method, like Shopify, to check the existence of files. Although, when making many HEAD requests at once, at some point, all assets are being served as 403. Details: When I was investigating this...

CVSS: 5.3, AI score: 7, EPSS: 0.00208
Exploits: 1, References: 3, Affected Software: 2
Packet Storm
added 2024/04/17 12:0 a.m., 346 views

Palo Alto OS Command Injection

CVE-2024-3400 CVE-2024-3400 Palo Alto OS Command Injection send this HTTP request: http POST /ssl-vpn/hipreport.esp HTTP/1.1 Host: 127.0.0.1 Cookie: SESSID=/../../../var/appweb/sslvpndocs/global-protect/portal/images/hellome1337.txt; Connection: close Content-Type: application/x-www-form-urlencod...

CVSS: 10, AI score: 7.4, EPSS: 0.94323
Exploits: 43
Kitploit
added 2021/02/20 11:30 a.m., 310 views

DirDar - A Tool That Searches For (403-Forbidden) Directories To Break It And Get Dir Listing On It

bypass forbidden directories - find and identify dir listing - you can use it as directory brute-forcer as well. Compatibility: This tool is compatible with all kinds of operating systems as long as you have GO compiler installed. Install: You can use this command if you have Go installed and configured...

AI score: 7.2
Exploits: 0, References: 2
OpenVAS
added 2010/04/27 12:0 a.m., 13 views

Reading Apache CustomLogfiles - Windows

Reading Apache CustomLogfiles SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.96022";...

AI score: 7.3
Exploits: 0