112 matches found

RedhatCVE
added 2026/03/26 3:6 p.m. | 0 views

CVE-2026-4190

A vulnerability was detected in JawherKl node-api-postgres up to 2.5. This impacts the function User.getAll of the file models/user.js. The manipulation of the argument sort results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. The vendor was...

CVSS 7.5 | AI score 6.9 | EPSS 0.00042
Exploits: 0 | References: 1

Cvelist
added 2026/03/15 7:32 p.m. | 32 views

CVE-2026-4190 JawherKl node-api-postgres user.js User.getAll sql injection

A vulnerability was detected in JawherKl node-api-postgres up to 2.5. This impacts the function User.getAll of the file models/user.js. The manipulation of the argument sort results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. The vendor was...

CVSS 7.5 | EPSS 0.00042
Exploits: 0 | References: 4

RedhatCVE
added 2026/01/09 12:51 p.m. | 7 views

CVE-2014-4190

Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300,...

CVSS 7.8 | AI score 7.1 | EPSS 0.00248
Exploits: 0 | References: 1

Patchstack
added 2025/05/30 9:47 p.m. | 13 views

WordPress CSV Mass Importer plugin <= 1.2 - Admin+ Arbitrary File Upload vulnerability

Admin+ Arbitrary File Upload vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin CSV Mass Importer versions <= 1.2...

CVSS 7.2 | AI score 8.3 | EPSS 0.00182
Exploits: 3 | References: 1 | Affected Software: 1

RedhatCVE
added 2025/05/19 6:9 a.m. | 10 views

CVE-2025-4190

The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...

CVSS 7.2 | AI score 6.8 | EPSS 0.00182
Exploits: 3 | References: 1

NVD
added 2025/05/17 6:15 a.m. | 18 views

CVE-2025-4190

The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...

CVSS 7.2 | EPSS 0.00182
Exploits: 3 | References: 1

CVE
added 2025/05/17 6:0 a.m. | 45 views

CVE-2025-4190

CVE-2025-4190 affects the WordPress plugin CSV Mass Importer (v ≤ 1.2). The issue is improper validation of uploaded files, allowing high-privilege users (e.g., admins) to upload arbitrary files on the server (notably in multisite setups). Several sources confirm an admin+ arbitrary file upload v...

CVSS 7.2 | AI score 7 | EPSS 0.00182
Exploits: 3 | References: 1 | Affected Software: 1

Cvelist
added 2025/05/17 6:0 a.m. | 27 views

CVE-2025-4190 CSV Mass Importer <= 1.2 - Admin+ Arbitrary File Upload

The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...

EPSS 0.00182
Exploits: 3 | References: 1

GithubExploit
added 2025/05/15 3:51 p.m. | 280 views

Exploit for CVE-2025-4190

CVE-2025-4190 — WordPress CSV Mass Importer ≤ 1.2 Arbitrary Fi...

CVSS 7.2 | AI score 8 | EPSS 0.00182
Exploits: 3

Circl
added 2025/05/07 5:0 p.m. | 23 views

CVE-2025-4190

creationtimestamp | type | source
---|---|---
2025-05-07 17:00:13+00:00 | published-proof-of-concept | Telegram/r84uk1c1f1koqzztiTdxByQ9BLtYAaDiWUWNZ6l8-95JYw
2025-05-17 17:01:22+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpezaghntdj2...

CVSS 7.2 | AI score 8.7 | EPSS 0.00182
Exploits: 3 | References: 1

GithubExploit
added 2025/05/07 10:56 a.m. | 462 views

Exploit for CVE-2025-4190

CVE-2025-4190 — WordPress CSV Mass Importer ≤ 1.2 Arbitrary Fi...

CVSS 7.2 | AI score 8 | EPSS 0.00182
Exploits: 3

Tenable Nessus
added 2025/03/05 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2021-4190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file CVE-2021-4190 Note that Nessus relies...

CVSS 7.5 | AI score 7.2 | EPSS 0.0012
Exploits: 1 | References: 2

RedhatCVE
added 2025/02/05 12:7 a.m. | 4 views

CVE-2024-4190

Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight Logger. The vulnerabilities could be remotely exploited...

CVSS 8.4 | AI score 6.1 | EPSS 0.00189
Exploits: 0 | References: 1

Cvelist
added 2024/06/11 5:48 p.m. | 21 views

CVE-2024-4190 OpenText ArcSight Logger Stored XSS

Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight Logger. The vulnerabilities could be remotely exploited...

CVSS 8.4 | EPSS 0.00189
Exploits: 0 | References: 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 38 views

RHEL 9 : wireshark (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wireshark: Kafka dissector infinite loop CVE-2021-4190 - wireshark: ISO 15765 and ISO 10681 dissector cra...

CVSS 7.8 | AI score 7.9 | EPSS 0.02747
Exploits: 15 | References: 27

Tenable Nessus
added 2024/05/11 12:0 a.m. | 49 views

RHEL 9 : wireshark (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wireshark: Kafka dissector infinite loop CVE-2021-4190 - Crash in the Sysdig Event dissector in Wireshark...

AI score 7.9 | EPSS 0.00324
Exploits: 7 | References: 7

OpenVAS
added 2024/03/04 12:0 a.m. | 24 views

openSUSE: Security Advisory for openssl (SUSE-SU-2023:4190-1)

The remote host is missing an update for the...

CVSS 7.5 | AI score 7 | EPSS 0.06469
Exploits: 0 | References: 2

Tenable Nessus
added 2023/09/07 12:0 a.m. | 37 views

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2018-4190)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4190 advisory. - tcp: add tcp_ooo_try_coalesce() helper Eric Dumazet Orabug: 28453849 CVE-2018-5390 - tcp: call tcp_drop() from tcp_data_queue_ofo() Eric Dumazet Orabug: 28453849...

CVSS 7.8 | AI score 6.7 | EPSS 0.10596
Exploits: 0 | References: 2

NVD
added 2023/08/06 1:15 a.m. | 6 views

CVE-2023-4190

Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.2.11...

CVSS 6.5 | AI score 6.4 | EPSS 0.00502
Exploits: 1 | References: 2

Cvelist
added 2023/08/06 12:0 a.m. | 15 views

CVE-2023-4190 Insufficient Session Expiration in admidio/admidio

Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.2.11...

CVSS 6.5 | AI score 6.7 | EPSS 0.00502
Exploits: 1 | References: 2