Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1990 matches found

RedhatCVE
RedhatCVEadded 2025/10/13 5:29 a.m.4 views

CVE-2025-11607

A weakness has been identified in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function uploadmusic of the file app/controllers/v1/music.py of the component API Endpoint. Executing a manipulation of the argument File can lead to path traversal. The attack may be performed...

8.8CVSS6AI score0.00136EPSS
Exploits0References1
CVE
CVEadded 2025/10/11 4:32 p.m.11 views

CVE-2025-11607

The CVE-2025-11607 entry affects harry0703 MoneyPrinterTurbo up to 1.2.6, specifically the upload_music function in app/controllers/v1/music.py of the API Endpoint. The vulnerability arises from path traversal via manipulation of the File argument, enabling remote exploitation. Multiple connected...

8.8CVSS6AI score0.00136EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2025/10/11 4:32 p.m.1 views

CVE-2025-11607

A weakness has been identified in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function uploadmusic of the file app/controllers/v1/music.py of the component API Endpoint. Executing a manipulation of the argument File can lead to path traversal. The attack may be performed...

8.8CVSS5AI score0.00136EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVEadded 2025/10/10 3:23 a.m.5 views

CVE-2025-11529

A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit...

9.8CVSS6.9AI score0.00162EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/10/10 12:0 a.m.3 views

PT-2025-41531

Name of the Vulnerable Software and Affected Versions SonarQube versions prior to 25.6 SonarQube 2025.3 Commercial versions prior to 2025.3 SonarQube 2025.1.3 LTA versions prior to 2025.1.3 Description Authenticated users with low privileges can access the /api/v2/users-management/users endpoint ...

4.3CVSS6.3AI score0.00038EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/10/09 1:27 p.m.10 views

CVE-2025-11442

A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. The impacted element is an unknown function of the component API Endpoint. The manipulation results in cross-site request forgery. The attack may be performed from remote. The exploit has been released to the public and may be...

5.3CVSS6AI score0.00044EPSS
Exploits1References1
CNNVD
CNNVDadded 2025/10/09 12:0 a.m.1 views

ChurchCRM 安全漏洞

ChurchCRM is ChurchCRM open source an open source CRM system for churches. ChurchCRM 5.18.0 and earlier versions have an authentication error vulnerability that stems from a lack of authentication in the AuthMiddleware function in the API Endpoint component, which can be exploited by an attacker ...

9.8CVSS6.9AI score0.00162EPSS
Exploits1References6
NVD
NVDadded 2025/10/08 8:15 a.m.2 views

CVE-2025-11442

A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. The impacted element is an unknown function of the component API Endpoint. The manipulation results in cross-site request forgery. The attack may be performed from remote. The exploit has been released to the public and may be...

5.3CVSS0.00044EPSS
Exploits1References4
OSV
OSVadded 2025/10/08 8:15 a.m.2 views

CVE-2025-11442

A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. The impacted element is an unknown function of the component API Endpoint. The manipulation results in cross-site request forgery. The attack may be performed from remote. The exploit has been released to the public and may be...

5.3CVSS6.1AI score
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/10/08 7:32 a.m.2 views

CVE-2025-11442 JhumanJ OpnForm API Endpoint cross-site request forgery

A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. The impacted element is an unknown function of the component API Endpoint. The manipulation results in cross-site request forgery. The attack may be performed from remote. The exploit has been released to the public and may be...

5.3CVSS4.4AI score0.00044EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/10/08 7:32 a.m.8 views

CVE-2025-11442 JhumanJ OpnForm API Endpoint cross-site request forgery

A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. The impacted element is an unknown function of the component API Endpoint. The manipulation results in cross-site request forgery. The attack may be performed from remote. The exploit has been released to the public and may be...

5.3CVSS0.00044EPSS
Exploits1References4
OSV
OSVadded 2025/10/08 7:15 a.m.4 views

CVE-2025-11438

A vulnerability has been found in JhumanJ OpnForm up to 1.9.3. This vulnerability affects unknown code of the file /custom-domains of the component API Endpoint. Such manipulation leads to missing authorization. The attack may be launched remotely. The exploit has been disclosed to the public and...

5.3CVSS6.9AI score
Exploits0References5
Cvelist
Cvelistadded 2025/10/08 6:32 a.m.7 views

CVE-2025-11438 JhumanJ OpnForm API Endpoint custom-domains authorization

A vulnerability has been found in JhumanJ OpnForm up to 1.9.3. This vulnerability affects unknown code of the file /custom-domains of the component API Endpoint. Such manipulation leads to missing authorization. The attack may be launched remotely. The exploit has been disclosed to the public and...

6.5CVSS0.00044EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2025/10/08 12:0 a.m.3 views

PT-2025-41238

Name of the Vulnerable Software and Affected Versions JhumanJ OpnForm versions up to 1.9.3 Description A security flaw exists in JhumanJ OpnForm. The issue involves an unknown function within the component’s API Endpoint and can lead to cross-site request forgery. The attack can be initiated...

5.3CVSS4AI score0.00044EPSS
Exploits1References8
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2021-24697

Malware in sbrugna...

7.5CVSS7.5AI score0.00539EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-24609

Malware in sbrugna...

6.5CVSS6.6AI score0.00382EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2018-0087

Malware in sbrugna...

8.8CVSS8.6AI score0.00136EPSS
Exploits1References8
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2020-5557

Malware in sbrugna...

5.4CVSS5.3AI score0.00191EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2019-4782

Malware in sbrugna...

9.8CVSS9.3AI score0.00907EPSS
Exploits2References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2019-9242

Malware in sbrugna...

8.8CVSS8.6AI score0.00901EPSS
Exploits1References3
Rows per page
Query Builder