Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2026/06/04 12:0 a.m.3 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the fact that the web management panel is widely bound to the public IPv6 address space at port :::8080, with no default firewa...

6.9CVSS5.3AI score0.00234EPSS
Exploits0References1
CVE
CVEadded 2026/05/15 3:38 p.m.20 views

CVE-2026-2031

The CVE-2026-2031 entry describes an improper access control vulnerability in several internal API endpoints of Google Cloud Application Integration (prior to 2026-01-23). An unauthenticated remote attacker can disclose sensitive internal information and execute arbitrary code by sending speciall...

10CVSS6AI score0.00486EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/09 7:23 p.m.0 views

CVE-2026-33461

Incorrect Authorization CWE-863 in Kibana can lead to information disclosure via Privilege Abuse CAPEC-122. A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens, that should only be...

7.7CVSS5.9AI score0.00255EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/12/12 6:53 a.m.21 views

CVE-2025-67737 AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE

AzuraCast is a self-hosted, all-in-one web radio management suite. Versions 0.23.1 mistakenly include an API endpoint that is intended for internal use by the SFTP software sftpgo, exposing it to the public-facing HTTP API for AzuraCast installations. A user with specific internal knowledge of a...

3.1CVSS0.00205EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2020-18350

Malware in sbrugna...

3.5CVSS4.8AI score0.00248EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/06/02 12:0 a.m.4 views

PT-2025-50081

Name of the Vulnerable Software and Affected Versions Qualcomm embedded platform firmware affected versions not specified Description An issue exists in Qualcomm embedded platform firmware related to the disclosure of system data to a controlled area. Exploitation of this issue may allow an...

6.7CVSS6.2AI score0.00081EPSS
Exploits0References9
OSV
OSVadded 2025/02/06 6:15 p.m.2 views

DEBIAN-CVE-2025-23217

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...

8.2CVSS5.9AI score0.00761EPSS
Exploits0References1
AlpineLinux
AlpineLinuxadded 2025/02/06 5:32 p.m.1 views

CVE-2025-23217

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...

8.2CVSS8.1AI score0.00761EPSS
Exploits0References3
Rows per page
Query Builder