Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Vulnrichment
Vulnrichmentadded 2026/05/14 4:8 p.m.3 views

CVE-2026-20182 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS6.1AI score0.80539EPSS
Exploits4References2
VulnCheck KEV
VulnCheck KEVadded 2022/05/10 12:0 a.m.0 views

VulnCheck KEV: CVE-2022-26925

Microsoft Windows Local Security Authority LSA contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM...

8.1CVSS7AI score0.37425EPSS
Exploits0References1
CNNVD
CNNVDadded 2022/04/13 12:0 a.m.3 views

Cisco Wireless LAN Controller 授权问题漏洞

Cisco Wireless LAN Controller WLC is a wireless LAN controller product from Cisco USA. The product provides security policy, intrusion detection, and other functions in wireless LANs.An authentication bypass vulnerability exists in Cisco Wireless LAN Controller, which could be exploited by an...

10CVSS7.9AI score0.02653EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEVadded 2021/08/24 12:0 a.m.0 views

VulnCheck KEV: CVE-2021-36942

Microsoft Windows Local Security Authority LSA contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM...

7.5CVSS7AI score0.93727EPSS
Exploits4References1
CNNVD
CNNVDadded 2020/12/29 12:0 a.m.2 views

Agentejo Cockpit SQL注入漏洞

Agentejo Cockpit is a self-hosted "headless" and api-driven lightweight, open source content management system. A NoSQL injection vulnerability exists in Agentejo Cockpit versions prior to 0.11.2. The vulnerability can be exploited to conduct a NoSQL injection attack via the Controller/Auth.php...

9.8CVSS5.8AI score0.93971EPSS
Exploits8References8
CNNVD
CNNVDadded 2020/12/29 12:0 a.m.2 views

Agentejo Cockpit SQL注入漏洞

Agentejo Cockpit is a self-hosted "headless" and api driven lightweight, open source content management system. A NoSQL injection vulnerability exists in Agentejo Cockpit prior to version 0.11.2. The vulnerability can be exploited to conduct NoSQL injection attacks via the Controller/Auth.php che...

9.8CVSS5.8AI score0.93926EPSS
Exploits10References8
Positive Technologies
Positive Technologiesadded 2019/05/20 12:0 a.m.2 views

PT-2021-7704 · Zabbix +3 · Zabbix +3

Name of the Vulnerable Software and Affected Versions: Zabbix versions 4.0.x through 4.0.28rc1 Zabbix versions 5.0.0alpha1 through 5.0.10rc1 Zabbix versions 5.2.x through 5.2.6rc1 Zabbix versions 5.4.0alpha1 through 5.4.0beta2 Description: The issue is related to a lack of CSRF protection mechani...

9.8CVSS6.3AI score0.93689EPSS
Exploits8References76
exploitpack
exploitpackadded 2014/09/09 12:0 a.m.25 views

ALCASAR-Remote

By sending a specially crafted value in the "host" HTTP header, it is possible to inject the exec function in order to execute commands as Apache user. !/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8 Remote Root Code Execution Vulnerability Author: eF Date : 2014-02-10 db 88 ,ad8888ba, db...

0.5AI score
Exploits0
Rows per page
Query Builder