Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

87 matches found

Circl
Circladded 2026/03/20 3:51 p.m.2 views

CVE-2026-4434

creationtimestamp| type| source ---|---|--- 2026-03-20 15:51:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhiuojen7q2y...

8.1CVSS5.8AI score0.00032EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/20 12:52 p.m.1 views

CVE-2026-4434

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

5.8AI score0.00032EPSS
Exploits0References2
OSV
OSVadded 2026/02/17 6:9 p.m.1 views

GO-2026-4434 EVE Seals Vault Key With SHA1 PCRs in github.com/lf-edge/eve

EVE Seals Vault Key With SHA1 PCRs in github.com/lf-edge/eve...

8.8CVSS5.4AI score0.00014EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.1 views

MiracleLinux 8 : redis:6 (AXSA:2022-4434:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4434:01 advisory. redis: Code injection via Lua script execution environment CVE-2022-24735 redis: Malformed Lua script can crash Redis CVE-2022-24736 Tenable has...

7.8CVSS7.8AI score0.01725EPSS
Exploits2References3
RedhatCVE
RedhatCVEadded 2026/01/09 9:25 a.m.4 views

CVE-2023-4434

Missing Authorization in GitHub repository hamza417/inure prior to build88...

6.1CVSS6.8AI score0.00036EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2016-4434

Malware in sbrugna...

6.1CVSS6.7AI score0.00296EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/05/22 1:1 a.m.3 views

CVE-2011-4434

Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce AppLocker rules, which allows local users to bypass intended access restrictions via a 1 macro or 2 scripting feature in an application, as demonstrated by Microsoft Office applications and the...

3.6CVSS6.2AI score0.00307EPSS
Exploits1References1
Circl
Circladded 2025/05/09 2:25 a.m.12 views

CVE-2025-4434

creationtimestamp| type| source ---|---|--- 2025-05-09 02:25:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15655 2025-05-09 06:10:39+00:00| seen| https://t.me/cvedetector/24899 2025-05-09 06:17:51+00:00| seen|...

4.8AI score
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/05/09 1:42 a.m.16 views

CVE-2025-4434

...

7AI score
Exploits0
CVE
CVEadded 2025/05/09 1:42 a.m.50 views

CVE-2025-4434

The CVE-2025-4434 entry corresponds to a vulnerability in the WordPress Remote Images Grabber plugin. Affected component: the Remote Images Grabber plugin for WordPress (versions up to 0.6). Root cause: insufficient input sanitization and output escaping, leading to a Reflected Cross-Site Scripti...

6.1AI score
Exploits0
Vulnrichment
Vulnrichmentadded 2024/05/10 8:32 a.m.33 views

CVE-2024-4434 LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Time-Based SQL Injection

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘termid’ parameter in versions up to, and including, 4.2.6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

9.8CVSS7.5AI score0.7709EPSS
Exploits2References4
Cvelist
Cvelistadded 2024/05/10 8:32 a.m.81 views

CVE-2024-4434 LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Time-Based SQL Injection

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘termid’ parameter in versions up to, and including, 4.2.6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

9.8CVSS9.9AI score0.7709EPSS
Exploits2References4
Patchstack
Patchstackadded 2024/05/10 12:0 a.m.13 views

WordPress LearnPress Plugin <= 4.2.6.5 is vulnerable to SQL Injection

Software LearnPress Type Plugin Vulnerable versions = 4.2.6.5 Fixed in 4.2.6.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4434 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 919e5a96b8fa Credits 1337Wannabe Required privilege Unauthenticated...

9.8CVSS6.8AI score0.7709EPSS
Exploits2References3Affected Software1
Circl
Circladded 2024/01/24 7:16 p.m.1 views

CVE-2021-4434

creationtimestamp| type| source ---|---|--- 2024-01-24 19:16:34+00:00| seen| https://t.me/ctinow/173005 2024-02-10 17:46:34+00:00| seen| https://t.me/ctinow/182617...

10CVSS8.7AI score0.07986EPSS
Exploits1References2
NVD
NVDadded 2024/01/17 9:15 a.m.13 views

CVE-2021-4434

The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swpurl' parameter. This allows attackers to execute code on the server...

10CVSS9.8AI score0.07986EPSS
Exploits1References2
Cvelist
Cvelistadded 2024/01/17 8:31 a.m.15 views

CVE-2021-4434 Social Warfare <= 3.5.2 - Remote Code Execution

The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swpurl' parameter. This allows attackers to execute code on the server...

10CVSS10AI score0.07986EPSS
Exploits1References2
CVE
CVEadded 2024/01/17 8:31 a.m.57 views

CVE-2021-4434

CVE-2021-4434 affects the WordPress Social Warfare plugin (versions up to 3.5.2). The vulnerability is a Remote Code Execution via the swp_url parameter, allowing an attacker to execute code on the server. Root cause: improper handling of the swp_url input. Impact: high (remote code execution). A...

10CVSS9.7AI score0.07986EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2023/08/20 12:0 a.m.10 views

CVE-2023-4434 Missing Authorization in hamza417/inure

Missing Authorization in GitHub repository hamza417/inure prior to build88...

5.1CVSS6.5AI score0.00036EPSS
Exploits1References2
CVE
CVEadded 2023/08/20 12:0 a.m.55 views

CVE-2023-4434

CVE-2023-4434 refers to a missing authorization vulnerability in the Inure Android app (GitHub hamza417/inure) present in builds prior to build88. Red Hat and OSV/NVD entries corroborate the issue as ‘Missing Authorization in hamza417/inure prior to build88’. Technical detail from the Huntr entry...

6.1CVSS5.5AI score0.00036EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2023/08/20 12:0 a.m.11 views

CVE-2023-4434 Missing Authorization in hamza417/inure

Missing Authorization in GitHub repository hamza417/inure prior to build88...

5.1CVSS6.8AI score0.00036EPSS
Exploits1References2
Rows per page
Query Builder