
6573 matches found

NVD
added 2022/05/16 3:15 p.m. · 23 views

CVE-2022-0578

Code Injection in GitHub repository publify/publify prior to 9.2.8...

CVSS 6.5 · EPSS 0.00837
Exploits: 1 · References: 2

NVD
added 2022/05/16 3:15 p.m. · 28 views

CVE-2022-0574

Improper Access Control in GitHub repository publify/publify prior to 9.2.8...

CVSS 6.5 · EPSS 0.00787
Exploits: 1 · References: 2

Prion
added 2022/05/16 3:15 p.m. · 8 views

Improper access control

Improper Access Control in GitHub repository publify/publify prior to 9.2.8...

CVSS 6.4 · AI score 6.5 · EPSS 0.00787
Exploits: 1 · References: 2 · Affected Software: 1

Prion
added 2022/05/16 3:15 p.m. · 5 views

Code injection

Code Injection in GitHub repository publify/publify prior to 9.2.8...

CVSS 6.4 · AI score 6.7 · EPSS 0.00837
Exploits: 1 · References: 2 · Affected Software: 1

Prion
added 2022/05/16 3:15 p.m. · 15 views

Improper access control

Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integri...

CVSS 4 · AI score 5 · EPSS 0.01166
Exploits: 1 · References: 2 · Affected Software: 1

Prion
added 2022/05/16 3:15 p.m. · 20 views

Server side request forgery (ssrf)

SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information...

CVSS 5 · AI score 7.4 · EPSS 0.08667
Exploits: 1 · References: 2 · Affected Software: 1

Prion
added 2022/05/16 3:15 p.m. · 19 views

Path traversal

Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio prior to 18.0.5. Read local files of the web application...

CVSS 5 · AI score 7.5 · EPSS 0.0215
Exploits: 1 · References: 2 · Affected Software: 1

Prion
added 2022/05/16 3:15 p.m. · 14 views

Design/Logic Flaw

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

CVSS 3.5 · AI score 5.2 · EPSS 0.00717
Exploits: 1 · References: 2 · Affected Software: 1

UbuntuCve
added 2022/05/16 3:15 p.m. · 29 views

CVE-2022-1726

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

CVSS 6.8 · AI score 6.6 · EPSS 0.00717
Exploits: 1 · References: 3

Cvelist
added 2022/05/16 2:55 p.m. · 15 views

CVE-2022-1726 Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in wenzhixin/bootstrap-table

Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...

CVSS 6.8 · AI score 5.5 · EPSS 0.00717
Exploits: 1 · References: 2

Cvelist
added 2022/05/16 2:55 p.m. · 35 views

CVE-2022-1728 Allowing long password leads to denial of service in polonel/trudesk in polonel/trudesk

Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications...

CVSS 7.6 · AI score 6.7 · EPSS 0.00907
Exploits: 1 · References: 2

Cvelist
added 2022/05/16 2:32 p.m. · 30 views

CVE-2022-1718 The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in polonel/trudesk

The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service DoS via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service...

CVSS 7.2 · AI score 7.5 · EPSS 0.00986
Exploits: 1 · References: 2

Cvelist
added 2022/05/16 2:31 p.m. · 26 views

CVE-2022-1553 Leaking password protected articles content due to improper access control in publify/publify

Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integri...

CVSS 8.8 · AI score 5.4 · EPSS 0.01166
Exploits: 1 · References: 2

Cvelist
added 2022/05/16 2:31 p.m. · 29 views

CVE-2022-0574 Improper Access Control in publify/publify

Improper Access Control in GitHub repository publify/publify prior to 9.2.8...

CVSS 5.3 · AI score 6.7 · EPSS 0.00787
Exploits: 1 · References: 2

OSV
added 2022/05/16 2:31 p.m. · 16 views

CVE-2022-1721 Path Traversal in WellKnownServlet in jgraph/drawio

Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio prior to 18.0.5. Read local files of the web application...

CVSS 7.5 · AI score 7.6 · EPSS 0.0215
Exploits: 1 · References: 4

CVE
added 2022/05/16 2:31 p.m. · 67 views

CVE-2022-1721

CVE-2022-1721 affects the draw.io/jgraph WellKnownServlet. The vulnerability is a path traversal flaw in WellKnownServlet that can read local files of the web application, affecting versions prior to 18.0.5. The issue arises from serving requested resources via the servlet, enabling disclosure of...

CVSS 7.5 · AI score 7.5 · EPSS 0.0215
Exploits: 1 · References: 2 · Affected Software: 1

Cvelist
added 2022/05/16 2:31 p.m. · 26 views

CVE-2022-1722 SSRF in editor's proxy via IPv6 link-local address in jgraph/drawio

SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses...

CVSS 7.5 · AI score 4.4 · EPSS 0.00514
Exploits: 1 · References: 2

OSV
added 2022/05/16 2:31 p.m. · 19 views

CVE-2022-1722 SSRF in editor's proxy via IPv6 link-local address in jgraph/drawio

SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. SSRF to internal link-local IPv6 addresses...

CVSS 7.5 · AI score 6.2 · EPSS 0.00514
Exploits: 1 · References: 4

Debian CVE
added 2022/05/16 12:00 a.m. · 39 views

CVE-2022-1720

Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...

CVSS 7.8 · AI score 7.5 · EPSS 0.02098
Exploits: 1

Positive Technologies
added 2022/05/16 12:00 a.m. · 2 views

PT-2022-13953 · Publify · Publify

Name of the Vulnerable Software and Affected Versions: publify versions prior to 9.2.8 Description: The issue is related to improper access control in the GitHub repository, allowing attackers to view the contents of password-protected articles on the publify website. This compromises the...

CVSS 8.8 · AI score 6.3 · EPSS 0.01166
Exploits: 1 · References: 8