Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

103 matches found

OSV
OSVadded 2026/04/28 9:45 a.m.2 views

MINI-6F3R-J967-4268

Bulletin has no description...

6.9CVSS4.8AI score0.00022EPSS
Exploits0
OSV
OSVadded 2026/04/27 9:16 p.m.1 views

MINI-VPC7-4268-3FR2

Bulletin has no description...

7.3CVSS4.8AI score0.00011EPSS
Exploits1
EUVD
EUVDadded 2026/01/23 12:31 a.m.2 views

EUVD-2026-4268

Gitea improperly exposes issue and pull request titles...

6.5CVSS5.3AI score0.00018EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2026/01/16 12:0 a.m.2 views

MiracleLinux 7 : nspr-4.21.0-1.el7, nss-util-3.44.0-3.el7, nss-softokn-3.44.0-5.el7, nss-3.44.0-4.el7 (AXSA:2019-4268:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4268:01 advisory. ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries CVE-2018-0495 nss: Cache side-channel variant of the Bleichenbacher attack...

5.9CVSS6.2AI score0.12783EPSS
Exploits1References3
OpenVAS
OpenVASadded 2025/08/12 12:0 a.m.2 views

Debian: Security Advisory (DLA-4268-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.5AI score0.00469EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/05/22 8:19 a.m.8 views

CVE-2018-4268

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6...

10CVSS6.4AI score0.00442EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/07 7:8 a.m.9 views

CVE-2025-4268

A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated...

6.9CVSS5.4AI score0.00235EPSS
Exploits1References1
Circl
Circladded 2025/05/05 7:19 a.m.18 views

CVE-2025-4268

creationtimestamp| type| source ---|---|--- 2025-05-05 07:19:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14841 2025-05-05 10:21:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3log5hxglf42e 2025-05-05 11:41:46+00:00| seen|...

6.9CVSS5.3AI score0.00235EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/05/05 6:31 a.m.5 views

CVE-2025-4268 TOTOLINK A720R cstecgi.cgi missing authentication

A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated...

6.9CVSS7.1AI score0.00235EPSS
Exploits1References5
CVE
CVEadded 2025/05/05 6:31 a.m.50 views

CVE-2025-4268

The CVE-2025-4268 entry applies to TOTOLINK A720R firmware 4.1.5cu.374, where an improper authentication flaw exists in /cgi-bin/cstecgi.cgi. The vulnerability arises from manipulating the topicurl parameter with the value RebootSystem, enabling remote exploitation without authentication. Multipl...

6.9CVSS5.5AI score0.00235EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2024/07/02 11:1 a.m.20 views

CVE-2024-4268 Ultimate Blocks – WordPress Blocks Plugin <= 3.1.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Multiple Blocks

The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocks in all versions up to, and including, 3.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00267EPSS
Exploits0References10
Vulnrichment
Vulnrichmentadded 2024/07/02 11:1 a.m.11 views

CVE-2024-4268 Ultimate Blocks – WordPress Blocks Plugin <= 3.1.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Multiple Blocks

The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocks in all versions up to, and including, 3.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6AI score0.00267EPSS
Exploits0References10
SUSE CVE
SUSE CVEadded 2023/02/15 5:27 a.m.2 views

SUSE CVE-2014-4268

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing...

5CVSS6.6AI score0.03291EPSS
Exploits0References10
Circl
Circladded 2022/12/26 4:40 p.m.0 views

CVE-2022-4268

creationtimestamp| type| source ---|---|--- 2022-12-26 16:40:43+00:00| seen| https://t.me/cibsecurity/55347...

7.2CVSS7AI score0.00729EPSS
Exploits2References1
Vulnrichment
Vulnrichmentadded 2022/12/26 12:27 p.m.3 views

CVE-2022-4268 Plugin Logic < 1.0.8 - Admin+ SQLi

The Plugin Logic WordPress plugin before 1.0.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.3AI score0.00729EPSS
Exploits2References2
CVE
CVEadded 2022/12/26 12:27 p.m.70 views

CVE-2022-4268

The CVE-2022-4268 entry concerns the WordPress Plugin Logic plugin (versions prior to 1.0.8) that is vulnerable to SQL injection. The root cause is improper sanitisation/escaping of a parameter before its use in an SQL statement, enabling exploitation by high-privilege users such as admins. Affec...

7.2CVSS7.1AI score0.00729EPSS
Exploits2References2Affected Software1
Cvelist
Cvelistadded 2022/12/26 12:27 p.m.11 views

CVE-2022-4268 Plugin Logic < 1.0.8 - Admin+ SQLi

The Plugin Logic WordPress plugin before 1.0.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.4AI score0.00729EPSS
Exploits2References2
Circl
Circladded 2022/12/21 10:13 p.m.0 views

CVE-2021-4268

creationtimestamp| type| source ---|---|--- 2022-12-21 22:13:01+00:00| seen| https://t.me/cibsecurity/55073 2025-04-14 17:54:32+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11667...

8.8CVSS8.1AI score0.0029EPSS
Exploits0References2
CVE
CVEadded 2022/12/21 12:0 a.m.56 views

CVE-2021-4268

CVE-2021-4268 affects phpRedisAdmin up to version 1.17.3. The issue is a cross-site request forgery originating from an unknown section, with remote exploit potential. A fix is available in version 1.18.0, and the patch is identified by the hash b9039adbb264c81333328faa9575ecf8e0d2be94. Affected ...

8.8CVSS6.4AI score0.0029EPSS
Exploits0References3Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2022/09/14 3:2 p.m.13 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Digital Business Automation Workflow family products (CVE-2019-4268)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow, IBM Business Process Manager, WebSphere Enterprise Service Bus, and WebSphere Lombardi Edition. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional hav...

5.4AI score0.00424EPSS
Exploits0Affected Software8
Rows per page
Query Builder