Lucene search

8 matches found

Snyk
added 2026/05/21 11:45 p.m. · 7 views

Authorization Bypass Through User-Controlled Key

Overview: concrete5/concrete5 is a concrete5 open source CMS. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the surveys process. An attacker can gain unauthorized access to restricted survey functionality by submitting a restricted option ...

CVSS 6.3 · AI score 5.7 · EPSS 0.00059
Exploits 0 · References 2
Positive Technologies
added 2025/10/31 12:0 a.m. · 3 views

PT-2025-44635

Name of the Vulnerable Software and Affected Versions: Kitware VTK Visualization Toolkit versions prior to 9.5.1 Description: Kitware VTK Visualization Toolkit versions up to 9.5.0 have a buffer overflow issue in the vtkGLTFDocumentLoader component. This occurs within the BufferDataExtractionWorker...

CVSS 7.5 · AI score 6.9 · EPSS 0.00085
Exploits 1 · References 7
RedhatCVE
added 2025/02/05 1:15 p.m. · 8 views

CVE-2020-35951

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their control. This occurre...

CVSS 9.9 · AI score 6.8 · EPSS 0.58224
Exploits 2
SUSE CVE
added 2023/02/15 3:55 a.m. · 2 views

SUSE CVE-2020-16307

A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51...

CVSS 5.5 · AI score 7.2 · EPSS 0.01771
Exploits 1 · References 3
OSV
added 2022/08/27 12:0 a.m. · 0 views

GHSA-6278-2Q4M-CMF3 ZK Framework vulnerable to malicious POST

ZK Framework version 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...

CVSS 7.5 · AI score 5.9 · EPSS 0.93942
Exploits 5 · References 6
OSV
added 2020/08/13 3:15 a.m. · 1 views

DEBIAN-CVE-2020-16289

A buffer overflow vulnerability in cifprintpage in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

CVSS 5.5 · AI score 6.6 · EPSS 0.0067
Exploits 1 · References 1
Positive Technologies
added 2020/07/17 12:0 a.m. · 4 views

PT-2020-4343 · Teclib +1 · Glpi +1

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.1 Description: The issue is related to the Clone feature in the GLPI system, which is vulnerable due to incorrect neutralization of special elements used in SQL queries. This allows a remote attacker to execute...

CVSS 10 · AI score 7 · EPSS 0.94395
Exploits 32 · References 127
CNVD
added 2019/05/14 12:0 a.m. · 2 views

IBM Rational DOORS Web Access Cross-Site Scripting Vulnerability (CNVD-2019-15711)

IBM Rational DOORS Web Access is a requirements collaboration solution from IBM USA. The product supports creating, analyzing, editing, and discussing requirements and other A cross-site scripting vulnerability exists in IBM Rational DOORS Web Access versions 9.5.1 through 9.5.2.9 and 9.6 through...

CVSS 5.4 · AI score 6.4 · EPSS 0.00186
Exploits 0 · References 1