Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/09/25 2:53 a.m.2 views

CVE-2025-59548

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, specially crafted URLs to the FileBrowser are vulnerable to javascript injection, affecting any unsuspecting user clicking such link. This issue has been patched in...

5.9CVSS6.7AI score0.00025EPSS
Exploits0References1
OSV
OSVadded 2025/09/23 5:58 p.m.4 views

CVE-2025-59548 DNN Vulnerable to Reflected Cross-Site Scripting (XSS) in CKEditor File Browser

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, specially crafted URLs to the FileBrowser are vulnerable to javascript injection, affecting any unsuspecting user clicking such link. This issue has been patched in...

5.9CVSS6.7AI score0.00025EPSS
Exploits0References3
NVD
NVDadded 2025/09/22 9:16 p.m.3 views

CVE-2025-59535

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, arbitrary themes can be loaded through query parameters. If an installed theme had a vulnerability, even if it was not used on any page, this could be loaded on...

6.5CVSS0.00126EPSS
Exploits0References3
OSV
OSVadded 2024/11/12 8:15 p.m.0 views

CVE-2024-49517

Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00234EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/11/12 12:0 a.m.1 views

Adobe Substance 3D Painter 缓冲区错误漏洞

Adobe Substance 3D Painter is a 3D texturing application from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance 3D Painter version 10.1.0 and prior versions, which can be exploited by an attacker to execute arbitrary code in the context of the current user...

7.8CVSS7.5AI score0.00191EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/03/31 12:0 a.m.3 views

PT-2024-21965 · Bonitasoft · Bonita

Name of the Vulnerable Software and Affected Versions: Bonita versions prior to 2023.2-u2 Bonita versions prior to 10.1.0.W11 Description: The issue allows stored XSS via a UI screen in the administration panel. There is no information provided about the estimated number of potentially affected...

6.5CVSS5.7AI score0.00064EPSS
Exploits0References10
CNVD
CNVDadded 2020/08/14 12:0 a.m.1 views

SugarCRM Cross-Site Scripting Vulnerability (CNVD-2020-46296)

SugarCRM is an open source Customer Relationship Management CRM system from SugarCRM USA. The system supports differentiated marketing, management and distribution of sales leads for different customer needs, and enables information sharing and tracking of sales representatives. A cross-site...

5.4CVSS6.2AI score0.00493EPSS
Exploits2References1
OSV
OSVadded 2020/08/12 1:15 p.m.1 views

CVE-2020-17373

SugarCRM before 10.1.0 Q3 2020 allows SQL Injection...

5.3CVSS5.8AI score
Exploits0References3
Rows per page
Query Builder