8 matches found

EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2021-27999

Malicious code in bioql PyPI...

CVSS 7.3 | AI score 7.5 | EPSS 0.00031
Exploits: 0 | References: 2

Patchstack
added 2023/08/10 12:00 a.m. | 11 views

WordPress Avada Theme <= 7.11.1 is vulnerable to Broken Access Control

Software: Avada; Type: Theme; Vulnerable versions: <= 7.11.1; Fixed in: 7.11.2; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-39922; Patch priority: Low; CVSS severity: Low 4.3; PSID: 7f0edbc9c590; Credits: Rafie Muhammad Patchstack; Required...

CVSS 8.8 | AI score 6.6 | EPSS 0.0022
Exploits: 0 | References: 1 | Affected Software: 1

RedhatCVE
added 2022/04/26 10:20 p.m. | 33 views

CVE-2021-22135

Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw in the Elasticsearch suggester and profile API when Document and Field Level Security are enabled. The suggester and profile API are normally disabled for an index when document level security is enabled ...

CVSS 5.3 | AI score 1.6 | EPSS 0.00153
Exploits: 0 | References: 4

NVD
added 2021/10/13 6:15 p.m. | 8 views

CVE-2021-40843

Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of...

CVSS 7.3 | EPSS 0.00031
Exploits: 0 | References: 2

Prion
added 2021/10/13 6:15 p.m. | 16 views

SQL injection

Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of...

CVSS 6.9 | AI score 7.5 | EPSS 0.00031
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2021/10/13 5:17 p.m. | 20 views

CVE-2021-40842

Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console. The vulnerability exists due to improper input validation on the database name parameter required in certain unauthenticated APIs. A malicious URL visited by anyone with network access to the...

AI score 10 | EPSS 0.00385
Exploits: 0 | References: 2

Cvelist
added 2021/10/13 5:10 p.m. | 12 views

CVE-2021-40843

Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of...

AI score 7.8 | EPSS 0.00031
Exploits: 0 | References: 2

CNNVD
added 2021/04/13 12:00 a.m. | 3 views

Siren Federate security vulnerability

Siren Federate is an application from Siren Ireland. It extends the Elasticsearch API to add high performance and scalable joins. A security vulnerability exists in Siren Federate that discloses user information across thread contexts when a low-privileged user and a high-privileged user execute...

CVSS 4.3 | AI score 5.2 | EPSS 0.00391
Exploits: 0 | References: 2