Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2026/02/25 2:16 p.m.6 views

CVE-2026-3185

A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the argument messageId results in authorization bypass. The attack can be launched remotely. The exploi...

6.9CVSS0.0044EPSS
Exploits1References7
OSV
OSVadded 2025/09/12 3:15 p.m.2 views

CVE-2025-55996

Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface...

6.3CVSS5.8AI score
Exploits0References1
BDU FSTEC
BDU FSTECadded 2024/05/06 12:0 a.m.7 views

The vulnerability of the interface configurations of the Jolokia JMX REST API and the Message REST API of the Apache ActiveMQ software platform allows a perpetrator to gain access to read, modify, or delete information.

The vulnerability of the Jolokia JMX REST API and Message REST API interface configurations of the Apache ActiveMQ software platform is related to insecure resource initialization due to the absence of authentication procedures. Exploiting this vulnerability could allow an attacker to gain read,...

8.5CVSS7.6AI score0.0692EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologiesadded 2024/04/11 12:0 a.m.5 views

PT-2024-3291

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions 6.x prior to 6.1.2 Description The default configuration does not secure the API web context, leading to insecure resource initialization due to a lack of authentication. This allows remote attackers to use the Jolokia...

8.8CVSS7.6AI score0.0692EPSS
Exploits1References55
OSV
OSVadded 2024/01/10 7:15 a.m.2 views

CVE-2023-41781

There is a Cross-site scripting XSS vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered...

6.1CVSS5.8AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2023/12/14 12:0 a.m.3 views

PT-2023-20212 · Zte · Zte Mobile Internet

Name of the Vulnerable Software and Affected Versions: ZTE mobile internet products affected versions not specified Description: The issue is related to a SQL injection vulnerability due to insufficient input validation of the SMS interface parameter. An authenticated attacker could exploit this ...

8CVSS7.8AI score0.00342EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2022/05/10 1:43 p.m.5 views

kernel: Heap buffer overflow in firedtv driver

A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CASENDMSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to...

6.7CVSS6.8AI score0.00443EPSS
Exploits0References5
BDU FSTEC
BDU FSTECadded 2018/02/15 12:0 a.m.4 views

The vulnerability of the message transfer interface (Qualcomm Trusted Execution Environment) of the Android operating system, which allows a perpetrator to execute arbitrary code

The vulnerability of the message transmission interface Qualcomm Trusted Execution Environment, TEE in the Android operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6AI score0.00726EPSS
Exploits0References4
Rows per page
Query Builder