Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/05/14 12:0 a.m.9 views

PT-2026-41212

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description A mass assignment issue exists in the dataset create and update processes. The application uses Object.assign to copy the request body into a Dataset entity without an explicit field allowlist,...

8.8CVSS5.5AI score0.00335EPSS
Exploits0References8
HackRead
HackReadadded 2025/07/25 1:22 p.m.3 views

Hacker Added Prompt to Amazon Q to Erase Files and Cloud Data

A hacker injected a malicious prompt into Amazon Q via GitHub, aiming to delete user files and wipe AWS data, exposing a major security flaw...

7.3AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 3:43 a.m.9 views

CVE-2023-30677

Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass on a certain state of an unlocked device...

6.1CVSS6.6AI score0.00224EPSS
Exploits0References1
HackRead
HackReadadded 2025/04/16 1:1 p.m.9 views

SquareX to Uncover Data Splicing Attacks at BSides San Francisco, A Major DLP Flaw that Compromises Data Security of Millions

Palo Alto, California, 16th April 2025, CyberNewsWire...

7.3AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/02/05 12:13 a.m.12 views

CVE-2024-4287

In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to /api/workspace/:workspace-slug/update, allowing it to be executed as part of ...

8.1CVSS7.9AI score0.0061EPSS
Exploits1
OSV
OSVadded 2024/06/13 5:15 p.m.2 views

CVE-2024-38280

An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text...

4.6CVSS5.8AI score0.00151EPSS
Exploits0References1
CNNVD
CNNVDadded 2022/03/10 12:0 a.m.4 views

IBM Guardium Data Encryption 安全漏洞

IBM Guardium Data Encryption GDE is an application from IBM of America, Inc. IBM Guardium Data Encryption versions 4.0.0.0 and 5.0.0.0 contain a security vulnerability that stems from the fact that the software saves user information in a CSV form file with a comma as the separator symbol, but it...

8.8CVSS5.7AI score0.00471EPSS
Exploits0References3
EUVD
EUVDadded 2011/08/29 8:0 p.m.5 views

EUVD-2011-0254

The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 does not check the basicConstraints parameter during validation of X.509 certificate chains, which allows man-in-the-middle attackers to spoof an SSL server by using a non-CA certificate to sign a certificate for an...

7.5CVSS5.7AI score0.06387EPSS
Exploits1References10
Rows per page
Query Builder