Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19175 matches found

Cvelist
Cvelistadded 2025/12/01 5:32 a.m.10 views

CVE-2025-13809 orionsec orion-ops SSH Connection MachineInfoController.java server-side request forgery

A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...

6.5CVSS0.00281EPSS
Exploits1References5
CVE
CVEadded 2025/12/01 5:32 a.m.13 views

CVE-2025-13809

Summary: CVE-2025-13809 affects orionsec orion-ops (SSH Connection Handler) via the MachineInfoController, where manipulating arguments host/sshPort/username/password/authType can trigger server-side request forgery. The vulnerability is described across multiple sources as exploitable from remot...

6.5CVSS6.1AI score0.00281EPSS
Exploits1References5Affected Software1
EUVD
EUVDadded 2025/12/01 5:32 a.m.6 views

EUVD-2025-199957

A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...

6.5CVSS5.9AI score0.00281EPSS
Exploits1References6
NVD
NVDadded 2025/12/01 5:16 a.m.3 views

CVE-2025-13808

A flaw has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this vulnerability is the function update of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/UserController.java of the component User Profile Handler. This...

8.8CVSS0.00412EPSS
Exploits1References5
OSV
OSVadded 2025/12/01 5:16 a.m.5 views

CVE-2025-13808

A flaw has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this vulnerability is the function update of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/UserController.java of the component User Profile Handler. This...

8.8CVSS5.3AI score0.00412EPSS
Exploits1References5
NVD
NVDadded 2025/12/01 5:16 a.m.4 views

CVE-2025-13807

A vulnerability was detected in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected is the function MachineKeyController of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineKeyController.java of the component API. The manipulation result...

5.3CVSS0.00313EPSS
Exploits1References5
Cvelist
Cvelistadded 2025/12/01 5:2 a.m.10 views

CVE-2025-13808 orionsec orion-ops User Profile UserController.java update improper authorization

A flaw has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this vulnerability is the function update of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/UserController.java of the component User Profile Handler. This...

7.5CVSS0.00412EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2025/12/01 5:2 a.m.3 views

CVE-2025-13808 orionsec orion-ops User Profile UserController.java update improper authorization

A flaw has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this vulnerability is the function update of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/UserController.java of the component User Profile Handler. This...

7.5CVSS6.3AI score0.00412EPSS
Exploits1References5
Cvelist
Cvelistadded 2025/12/01 4:32 a.m.10 views

CVE-2025-13807 orionsec orion-ops API MachineKeyController.java MachineKeyController improper authorization

A vulnerability was detected in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected is the function MachineKeyController of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineKeyController.java of the component API. The manipulation result...

5.3CVSS0.00313EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2025/12/01 3:21 a.m.8 views

CVE-2025-13782

A vulnerability was identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by this issue is the function delete of the file application/Admin/Controller/SlideController.class.php of the component SlideController. The manipulation of the argument ids leads to sql...

9.8CVSS7AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/12/01 12:0 a.m.4 views

orion-ops 安全漏洞

orion-ops is a one-stop automated operation and maintenance and automated deployment platform by Jiahang Li, an individual developer. A security vulnerability exists in orion-ops, which stems from the misuse of the parameters host/sshPort/username/password/authType in the file...

6.5CVSS6.4AI score0.00281EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2025/12/01 12:0 a.m.4 views

PT-2025-48414

A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing manipulation results in path traversal. It is possible to initiate the attack remotely. The explo...

6.9CVSS5.5AI score0.00856EPSS
Exploits1References6
CNNVD
CNNVDadded 2025/12/01 12:0 a.m.3 views

WebStack-Guns 路径遍历漏洞

WebStack-Guns is Dana Keeling individual developer of an open source web site navigation website project , backend based on Guns and Springboot. WebStack-Guns 1.0 version of a path traversal vulnerability , the vulnerability stems from the file KaptchaController.java function renderPicture...

7.5CVSS5.8AI score0.00856EPSS
Exploits1References4
CNNVD
CNNVDadded 2025/12/01 12:0 a.m.4 views

orion-ops 安全漏洞

orion-ops is a one-stop automated O&M and automated deployment platform by the individual developer, Jiahang Li. A security vulnerability exists in orion-ops, which stems from the incorrect manipulation of the parameter ID in the file UserController.java, which could lead to improper authorizatio...

8.8CVSS7.3AI score0.00412EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2025/12/01 12:0 a.m.2 views

CVE-2025-65840

PublicCMS V5.202506.b is vulnerable to Cross Site Request Forgery CSRF in the CkEditorAdminController...

6.5AI score0.00144EPSS
Exploits1References2
Cvelist
Cvelistadded 2025/12/01 12:0 a.m.8 views

CVE-2025-65840

PublicCMS V5.202506.b is vulnerable to Cross Site Request Forgery CSRF in the CkEditorAdminController...

0.00144EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/12/01 12:0 a.m.6 views

PT-2025-48411

A vulnerability was detected in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected is the function MachineKeyController of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineKeyController.java of the component API. The manipulation result...

5.3CVSS6.7AI score0.00313EPSS
Exploits1References6
Kubernetes Security Advisories
Kubernetes Security Advisoriesadded 2025/11/30 11:8 p.m.4 views

Portworx Half-Blind SSRF in kube-controller-manager

CVSS Rating: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N - Medium 5.8 A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This was patched for other in-tree StorageClasses GlusterFS, Quobyte, StorageOS, and...

5.8CVSS7.2AI score0.00355EPSS
Exploits0
EUVD
EUVDadded 2025/11/30 6:30 a.m.3 views

EUVD-2025-199924

A security flaw has been discovered in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. This affects the function check/uncheck/delete of the file application/Comment/Controller/CommentadminController.class.php of the component CommentadminController. The manipulation of the argument...

6.5CVSS6.2AI score0.00276EPSS
Exploits0References6
EUVD
EUVDadded 2025/11/30 6:30 a.m.5 views

EUVD-2025-199916

A vulnerability was identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by this issue is the function delete of the file application/Admin/Controller/SlideController.class.php of the component SlideController. The manipulation of the argument ids leads to sql...

7.5CVSS6.4AI score0.00336EPSS
Exploits0References5
Rows per page
Query Builder