Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2283 matches found

OSV
OSVadded 2020/10/13 6:15 p.m.13 views

PYSEC-2020-110

In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...

7.7CVSS3.3AI score0.00251EPSS
Exploits0References6
OSV
OSVadded 2020/10/13 6:15 p.m.1 views

UBUNTU-CVE-2020-15251

In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...

7.7CVSS6.8AI score0.00251EPSS
Exploits0References6
Prion
Prionadded 2020/10/13 6:15 p.m.15 views

Security feature bypass

In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...

4CVSS6.4AI score0.00251EPSS
Exploits0References6Affected Software1
PyPA
PyPAadded 2020/10/13 6:15 p.m.5 views

PYSEC-2020-110

In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...

7.7CVSS6.9AI score0.00251EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2020/10/13 5:15 p.m.12 views

CVE-2020-15251 Privilege Escalation in Channelmgnt plug-in for Sopel

In the Channelmgnt plug-in for Sopel a Python IRC bot before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2...

7.7CVSS7.5AI score0.00251EPSS
Exploits0References6
Microsoft Secure
Microsoft Secureadded 2020/10/12 4:0 p.m.27 views

Advanced protection for web applications in Azure with Radware’s Microsoft Security integration

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA here. The state of application security Companies face a wide range of security challenges, such as Open Source Foundation for Application Security Project OWASP vulnerabilities,...

0.2AI score
Exploits0
vulnersOsv
vulnersOsvadded 2020/09/25 6:28 p.m.4 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +49 more potentially affected by CVE-2020-15210 via tensorflow-gpu (>=1.10.1 <=1.15.3)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.1.0, =0.1.0, =1.0.0, =0.2.3, =0.0.1, =0.0.7, =0.2.0 - keras-textclassification =0.1.6 and more Source cves: CVE-2020-15210 Source advisory: OSV:GHSA-X9J7-X98R-R4W2...

6.5CVSS6.5AI score0.00329EPSS
Exploits1
NVD
NVDadded 2020/09/15 7:15 p.m.11 views

CVE-2020-15172

The Act module for Red Discord Bot before commit 6b9f3b86 is vulnerable to Remote Code Execution. With this exploit, Discord users can use specially crafted messages to perform destructive actions and/or access sensitive information. Unloading the Act module with unload act can render this exploi...

8.8CVSS0.00396EPSS
Exploits0References2
OSV
OSVadded 2020/09/15 7:15 p.m.12 views

CVE-2020-15172

The Act module for Red Discord Bot before commit 6b9f3b86 is vulnerable to Remote Code Execution. With this exploit, Discord users can use specially crafted messages to perform destructive actions and/or access sensitive information. Unloading the Act module with unload act can render this exploi...

8.8CVSS7.2AI score
Exploits0References2
Prion
Prionadded 2020/09/15 7:15 p.m.15 views

Remote code execution

The Act module for Red Discord Bot before commit 6b9f3b86 is vulnerable to Remote Code Execution. With this exploit, Discord users can use specially crafted messages to perform destructive actions and/or access sensitive information. Unloading the Act module with unload act can render this exploi...

6.5CVSS8.8AI score0.00396EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2020/09/15 6:45 p.m.12 views

CVE-2020-15172 Remote Code Execution in Act module

The Act module for Red Discord Bot before commit 6b9f3b86 is vulnerable to Remote Code Execution. With this exploit, Discord users can use specially crafted messages to perform destructive actions and/or access sensitive information. Unloading the Act module with unload act can render this exploi...

8.7CVSS8.9AI score0.00396EPSS
Exploits0References2
CVE
CVEadded 2020/09/15 6:45 p.m.47 views

CVE-2020-15172

CVE-2020-15172 affects the Red Discord Bot’s Act module prior to commit 6b9f3b86, which is vulnerable to Remote Code Execution. An attacker could send specially crafted messages to trigger the RCE, enabling destructive actions or access to sensitive information. The vulnerability is reported in m...

8.8CVSS8.9AI score0.00396EPSS
Exploits0References2Affected Software1
Node.js
Node.jsadded 2020/09/14 4:42 p.m.15 views

Sensitive Data Exposure

Overview Applies to Azure DevOps users only. The bot's token may be exposed in server or pipeline logs due to the http.extraheader=AUTHORIZATION parameter being logged without redaction. It is recommended that Azure DevOps users revoke their existing bot credentials and generate new ones after...

6.9AI score
Exploits0Affected Software1
Imperva Blog
Imperva Blogadded 2020/09/13 4:47 p.m.29 views

Putting Your Data Security at the Center of our Mission

We’re more than just an industry-leading Web Application Firewall! For a long time now, Imperva has been known in the cyber security industry as ‘the WAF company’. The go-to brand for Application Security and Web Application Firewalls. But this is only possible due to our data protection DNA. Thi...

0.8AI score
Exploits0
vulnersOsv
vulnersOsvadded 2020/09/11 9:12 p.m.1 views

cassandra-query (>=1.0.1 <=1.0.3), toobatel-bot-lib-js (=1.0.0) potentially affected by unknown CVE via blubird (=0.0.1-security)

blubird NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on blubird and may be impacted: - cassandra-query =1.0.1, =1.0.3 - toobatel-bot-lib-js =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-RVWW-X6M4-4VC2...

5.8AI score
Exploits0
The Hacker News
The Hacker Newsadded 2020/09/02 8:54 a.m.28 views

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit. In what's a new tactic adopted by Magecart groups, the encrypted messaging service is being used to send...

0.4AI score
Exploits0
NVD
NVDadded 2020/08/21 6:15 p.m.8 views

CVE-2020-15147

Red Discord Bot before versions 3.3.12 and 3.4 has a Remote Code Execution vulnerability in the Streams module. This exploit allows Discord users with specifically crafted "going live" messages to inject code into the Streams module's going live message. By abusing this exploit, it's possible to...

8.5CVSS8.7AI score0.02356EPSS
Exploits0References3
OSV
OSVadded 2020/08/21 6:15 p.m.13 views

CVE-2020-15147

Red Discord Bot before versions 3.3.12 and 3.4 has a Remote Code Execution vulnerability in the Streams module. This exploit allows Discord users with specifically crafted "going live" messages to inject code into the Streams module's going live message. By abusing this exploit, it's possible to...

8.5CVSS8.7AI score
Exploits0References3
vulnersOsv
vulnersOsvadded 2020/08/21 6:15 p.m.3 views

tsutils (>=4.0.5 <=5.2.0) potentially affected by CVE-2020-15147 via red-discordbot (=3.0.2)

red-discordbot PYPI version =3.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on red-discordbot and may be impacted: - tsutils =4.0.5, =5.2.0 Source cves: CVE-2020-15147 Source advisory: OSV:PYSEC-2020-266...

8.5CVSS7.2AI score0.02356EPSS
Exploits0
PyPA
PyPAadded 2020/08/21 6:15 p.m.5 views

PYSEC-2020-266

Red Discord Bot before versions 3.3.12 and 3.4 has a Remote Code Execution vulnerability in the Streams module. This exploit allows Discord users with specifically crafted "going live" messages to inject code into the Streams module's going live message. By abusing this exploit, it's possible to...

8.5CVSS7.5AI score0.02356EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder