53 matches found

Circl
added 2026/04/14 1:10 p.m. | 0 views

CVE-2026-4832

creationtimestamp | type | source
---|---|---
2026-04-14 13:10:17+00:00 | seen | https://bsky.app/profile/o2cloud.bsky.social/post/3mjhhczv3ac2r...

6.9 CVSS | 5.7 AI score | 0.00113 EPSS
Exploits 0 | References 1

OSV
added 2026/03/26 8:33 p.m. | 1 views

GO-2026-4832 NATS JetStream has an authorization bypass through its Management API in github.com/nats-io/nats-server

NATS JetStream has an authorization bypass through its Management API in github.com/nats-io/nats-server...

4.9 CVSS | 5.9 AI score | 0.00009 EPSS
Exploits 0 | References 2

Packet Storm
added 2026/02/13 12:0 a.m. | 115 views

📄 Oracle Database Server 9.2.0.5 SQL Injection

Oracle Database Server version 9.2.0.5 proof of concept remote SQL injection exploit that leverages SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION and makes use of an older vulnerability from 2005...

7.5 CVSS | 5.8 AI score | 0.66238 EPSS
Exploits 4

OSV
added 2025/08/10 8:1 p.m. | 1 views

MINI-6GVX-4832-QFGM

Bulletin has no description...

9.8 CVSS | 7.2 AI score | 0.00183 EPSS
Exploits 0

RedhatCVE
added 2025/05/23 12:46 a.m. | 4 views

CVE-2022-4832

The Store Locator WordPress plugin before 1.4.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privileg...

5.4 CVSS | 5.9 AI score | 0.00181 EPSS
Exploits 2

RedhatCVE
added 2025/05/22 11:14 a.m. | 4 views

CVE-2013-4832

HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors...

4 CVSS | 6.1 AI score | 0.00213 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/05/19 5:21 p.m. | 13 views

CVE-2025-4832

A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

9 CVSS | 7.3 AI score | 0.00553 EPSS
Exploits 0

Circl
added 2025/05/17 6:42 p.m. | 12 views

CVE-2025-4832

creationtimestamp | type | source
---|---|---
2025-05-17 18:42:41+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpf73rntqk2o
2025-05-17 20:26:18+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpfeupcnvad2...

9 CVSS | 7 AI score | 0.00553 EPSS
Exploits 0 | References 2

NVD
added 2025/05/17 5:15 p.m. | 15 views

CVE-2025-4832

A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

9 CVSS | 0.00553 EPSS
Exploits 0 | References 5

Vulnrichment
added 2025/05/17 5:0 p.m. | 7 views

CVE-2025-4832 TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formDosCfg buffer overflow

A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

9 CVSS | 8.9 AI score | 0.00553 EPSS
Exploits 0 | References 5

CVE
added 2025/05/17 5:0 p.m. | 24 views

CVE-2025-4832

The CVE-2025-4832 issue affects TOTOLINK A702R, A3002R, and A3002RU (version 3.0.0-B20230809.1615). The vulnerability is in the /boafrm/formDosCfg HTTP POST Request Handler, where tampering with the submit-url argument causes a buffer overflow. Impact is remote code execution-like risk with high ...

9 CVSS | 7.3 AI score | 0.00553 EPSS
Exploits 0 | References 5 | Affected Software 1

Tenable Nessus
added 2023/10/16 12:0 a.m. | 16 views

Ubuntu 18.04 ESM : Plexus Archiver vulnerability (USN-4832-1)

The remote Ubuntu 18.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4832-1 advisory. It was discovered that Plexus Archiver incorrectly handled directory traversal during extraction. An attacker could possibly use this for a Zip-Slip attack. Tenab...

5.5 CVSS | 6.4 AI score | 0.05466 EPSS
Exploits 1 | References 2

Circl
added 2023/09/14 10:43 p.m. | 0 views

CVE-2023-4832

creationtimestamp | type | source
---|---|---
2023-09-14 22:43:53+00:00 | seen | https://t.me/cibsecurity/70547...

9.8 CVSS | 8.7 AI score | 0.0015 EPSS
Exploits 0 | References 1

NVD
added 2023/09/14 6:15 p.m. | 7 views

CVE-2023-4832

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aceka Company Management allows SQL Injection. This issue affects Company Management: before 3072...

9.8 CVSS | 9.9 AI score | 0.0015 EPSS
Exploits 0 | References 2

ATTACKERKB
added 2023/09/14 6:15 p.m. | 0 views

CVE-2023-4832

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aceka Company Management allows SQL Injection. This issue affects Company Management: before 3072...

9.8 CVSS | 7.4 AI score | 0.0015 EPSS
Exploits 0 | References 3

Cvelist
added 2023/09/14 5:49 p.m. | 13 views

CVE-2023-4832 SQLi in Aceka Holdings Company Management

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aceka Company Management allows SQL Injection. This issue affects Company Management: before 3072...

9.8 CVSS | 10 AI score | 0.0015 EPSS
Exploits 0 | References 2

Vulnrichment
added 2023/09/14 5:49 p.m. | 9 views

CVE-2023-4832 SQLi in Aceka Holdings Company Management

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aceka Company Management allows SQL Injection. This issue affects Company Management: before 3072...

9.8 CVSS | 7.4 AI score | 0.0015 EPSS
Exploits 0 | References 2

CVE
added 2023/09/14 5:49 p.m. | 38 views

CVE-2023-4832

CVE-2023-4832 affects Aceka Company Management. The issue is an SQL Injection due to improper neutralization of special elements in SQL commands, affecting versions prior to 3072. The root cause is improper input handling within the software’s SQL query construction, enabling injection payloads. ...

9.8 CVSS | 7.4 AI score | 0.0015 EPSS
Exploits 0 | References 2 | Affected Software 1

CVE
added 2023/01/23 2:31 p.m. | 45 views

CVE-2022-4832

The CVE-2022-4832 entry applies to the Store Locator WordPress plugin prior to version 1.4.9. The underlying issue is failure to validate/escape certain shortcode attributes, allowing Stored XSS. The attack can be executed by users with as little as Contributor privileges to target higher-privile...

5.4 CVSS | 5.3 AI score | 0.00181 EPSS
Exploits 2 | References 1 | Affected Software 1

Vulnrichment
added 2023/01/23 2:31 p.m. | 5 views

CVE-2022-4832 Store Locator WordPress < 1.4.9 - Contributor+ Stored XSS via Shortcode

The Store Locator WordPress plugin before 1.4.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privileg...

6.1 AI score | 0.00181 EPSS
Exploits 2 | References 1