8 matches found

RedHat Linux
added 2026/05/21 12:4 a.m. | 7 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVSS 6.4 | AI score 7.2 | EPSS 0.0001
Exploits: 0 | References: 8

RedhatCVE
added 2026/03/11 7:8 a.m. | 1 view

CVE-2026-30916

Shescape is a simple shell escape library for JavaScript. Prior to 2.1.9, an attacker may be able to bypass escaping for the shell being used. This can result, for example, in exposure of sensitive information. This impacts users of Shescape that configure their shell to point to a file on disk...

AI score 5.8 | EPSS 0.00052
Exploits: 0 | References: 1

Positive Technologies
added 2026/01/26 12:0 a.m. | 2 views

PT-2026-4814

Name of the Vulnerable Software and Affected Versions: Live Helper Chat versions prior to 4.72. Description: A stored Cross-Site Scripting (XSS) issue exists in the PDF file upload functionality. An attacker can upload a malicious PDF file containing an XSS payload. When a user downloads and opens the...

CVSS 6.9 | AI score 6 | EPSS 0.0009
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-25033

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 6.4 | EPSS 0.00064
Exploits: 0 | References: 2

CNNVD
added 2024/11/05 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the bpf module, where an out-of-bounds read problem exists for sockmap linked file descriptors, and is...

CVSS 7.1 | AI score 7 | EPSS 0.00071
Exploits: 0 | References: 3

NVD
added 2024/06/10 5:16 p.m. | 20 views

CVE-2024-5102

A sym-linked file accessed via the repair function in Avast Antivirus troubleshooting - repair feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the...

CVSS 7.3 | EPSS 0.00106
Exploits: 0 | References: 1

CVE
added 2024/06/10 4:15 p.m. | 51 views

CVE-2024-5102

The CVE-2024-5102 entry concerns Avast Antivirus prior to version 24.2. The issue resides in the Repair feature (Settings → Troubleshooting → Repair), which attempts to delete a file in the current user’s AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can craft a pseudo-symlink a...

CVSS 7.3 | AI score 7 | EPSS 0.00106
Exploits: 0 | References: 1 | Affected Software: 1

Huntr
added 2021/07/21 10:21 a.m. | 10 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description: CSRF bug to remove linked file. 🕵️‍♂️ Proof of Concept: The request below is vulnerable to a CSRF attack when removing a linked file. https://demo.dolibarr.org/expensereport/card.php?id=202&action=removefile&file=%28PROV202%29%2F%28PROV202%29.pdf&entity=1 💥 Impact: CSRF attack...

AI score 1.6
Exploits: 0