2005 matches found
Modoboa Information Disclosure Vulnerability
modoboa is an email hosting and management platform for individual developers. An information disclosure vulnerability exists in modoboa versions prior to 2.1.0, which originates when /api/v2/parameters/core/ returns sensitive information without any authentication or authorization. An attacker c...
PT-2023-22473 · H3C · H3C Magic R200
Name of the Vulnerable Software and Affected Versions: H3C Magic R200 version R200V100R004 Description: A stack overflow issue was discovered via the UpdateWanParams interface at the "/goform/aspForm" API endpoint. Recommendations: For H3C Magic R200 version R200V100R004, consider restricting...
PT-2023-22461 · H3C · H3C Magic R200
Name of the Vulnerable Software and Affected Versions: H3C Magic R200 version R200V100R004 Description: A stack overflow issue was discovered via the UpdateSnat interface at the "/goform/aspForm" API endpoint. This issue affects the H3C Magic R200 device. Recommendations: For H3C Magic R200 versi...
PT-2023-22470 · H3C · H3C Magic R200
Name of the Vulnerable Software and Affected Versions: H3C Magic R200 version R200V100R004 Description: A stack overflow issue was discovered via the SetAPWifiorLedInfoById interface at the "/goform/aspForm" API endpoint. Recommendations: For H3C Magic R200 version R200V100R004, consider disablin...
PT-2023-22468 · H3C · H3C Magic R200
Name of the Vulnerable Software and Affected Versions: H3C Magic R200 version R200V100R004 Description: A stack overflow issue was discovered via the AddMacList interface at the "/goform/aspForm" API endpoint. This issue affects the H3C Magic R200 device. Recommendations: For H3C Magic R200 versi...
PT-2023-22467 · H3C · H3C Magic R200
Name of the Vulnerable Software and Affected Versions: H3C Magic R200 version R200V100R004 Description: A stack overflow issue was discovered via the UpdateMacClone interface at the "/goform/aspForm" API endpoint. This issue affects the specified version of the H3C Magic R200. Recommendations: Fo...
PT-2023-22464 · H3C · H3C Magic R200
Name of the Vulnerable Software and Affected Versions: H3C Magic R200 version R200V100R004 Description: A stack overflow issue was discovered via the SetMobileAPInfoById interface at the "/goform/aspForm" API endpoint. This issue affects the H3C Magic R200 device. Recommendations: For H3C Magic...
PT-2023-22469 · H3C · H3C Magic R200
Name of the Vulnerable Software and Affected Versions: H3C Magic R200 version R200V100R004 Description: A stack overflow issue was discovered via the DelvsList interface at the "/goform/aspForm" API endpoint. This issue affects the H3C Magic R200 device. Recommendations: For H3C Magic R200 versio...
PT-2023-22463 · H3C · H3C Magic R200
Name of the Vulnerable Software and Affected Versions: H3C Magic R200 version R200V100R004 Description: A stack overflow issue was discovered via the Edit BasicSSID 5G interface at the "/goform/aspForm" API endpoint. This issue affects the H3C Magic R200 device. Recommendations: For H3C Magic R20...
PT-2023-22471 · H3C · H3C Magic R200
Name of the Vulnerable Software and Affected Versions: H3C Magic R200 version R200V100R004 Description: A stack overflow issue was discovered via the DeltriggerList interface at the "/goform/aspForm" API endpoint. This issue affects the H3C Magic R200 device. Recommendations: For H3C Magic R200...
PT-2023-22525 · Unknown · Sourcecodester Judging Management System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Judging Management System version 1.0 Description: The issue is related to SQL Injection, which can be exploited via the "/php-jms/print judges.php" API endpoint with specific parameters such as se name and sub event id...
FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution (RCE)
Exploit Title: FUXA V.1.1.13-1186- Unauthenticated Remote Code Execution RCE Date: 18/04/2023 Exploit Author: Rodolfo Mariano Vendor Homepage: https://github.com/frangoteam/FUXA Version: FUXA V.1.1.13-1186 current from argparse import RawTextHelpFormatter import argparse, sys, threading, requests...
PT-2023-21341 · Unknown · Online Jewelry Shop
Name of the Vulnerable Software and Affected Versions: Online Jewelry Shop version 1.0 Description: A stored cross-site scripting (XSS) issue in the "/index.php?page=category list" API endpoint of Online Jewelry Shop allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2022-45170
An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malicious user, logged into a victim's account, is able to decipher a file without knowing the key set by the user...
Improper access control
An issue was discovered in LIVEBOX Collaboration vDesk through v018. Broken Access Control exists under the /api/v1/vdeskDOMAIN/export endpoint. A malicious user, authenticated to the product without any specific privilege, can use the API for exporting information about all users of the system a...
PT-2023-22337 · Unknown · Yoga Class Registration System
Name of the Vulnerable Software and Affected Versions: Yoga Class Registration System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the cid parameter at the "/admin/login.php" API endpoint. Recommendations: For Yoga Class...
PT-2023-21358 · H3C · H3C Magic R100
Name of the Vulnerable Software and Affected Versions: H3C Magic R100 version R100V100R005.bin Description: A stack overflow issue was discovered via the DeltriggerList interface at the "/goform/aspForm" API endpoint. This issue allows attackers to cause a Denial of Service (DoS) by sending a craft...
PT-2023-20883 · Totolink · Totolink A7100Ru
Name of the Vulnerable Software and Affected Versions: TOTOlink A7100RU version 7.4cu.2313 B20191024 Description: A command injection issue was found via the pppoeAcName parameter at the "/setting/setWanIeCfg" API endpoint. Recommendations: For version 7.4cu.2313 B20191024, avoid using the...
PT-2023-21353 · H3C · H3C Magic R100
Name of the Vulnerable Software and Affected Versions: H3C Magic R100 version R100V100R005.bin Description: A stack overflow issue was discovered via the EdittriggerList interface at the "/goform/aspForm" API endpoint. This allows attackers to cause a Denial of Service (DoS) via a crafted payload...
SUSE CVE-2023-28834
Nextcloud Server is an open source personal cloud server. Nextcloud Server 24.0.0 until 24.0.6 and 25.0.0 until 25.0.4, as well as Nextcloud Enterprise Server 23.0.0 until 23.0.11, 24.0.0 until 24.0.6, and 25.0.0 until 25.0.4, have an information disclosure vulnerability. A user was able to get t...