Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.10 views

PT-2026-35222

A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description leads to command injection. The attack must be carried out locally. The exploit has been disclosed...

8.5CVSS5.1AI score0.00653EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/02/22 10:2 p.m.4 views

CVE-2026-2956 qinming99 dst-admin restore revertBackup command injection

A security flaw has been discovered in qinming99 dst-admin up to 1.5.0. This affects the function revertBackup of the file /home/restore. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit has been released to the public and may be...

6.5CVSS6.3AI score0.0471EPSS
Exploits1References4
NVD
NVDadded 2025/10/27 2:15 a.m.3 views

CVE-2025-62939

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joe Open Currency Converter artiss-currency-converter allows Stored XSS.This issue affects Open Currency Converter: from n/a through = 1.5.0...

6.5CVSS0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 4:52 p.m.7 views

CVE-2020-8826

As of v1.5.0, the Argo web interface authentication system issued immutable tokens. Authentication tokens, once issued, were usable forever without expiration—there was no refresh or forced re-authentication...

7.5CVSS7.2AI score0.01712EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/21 3:14 p.m.7 views

CVE-2025-48264

Cross-Site Request Forgery CSRF vulnerability in artiosmedia Product Code for WooCommerce product-code-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Code for WooCommerce: from n/a through = 1.5.0...

4.3CVSS5.9AI score0.00128EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/02/14 12:0 a.m.3 views

Logpoint AgentX 安全漏洞

Logpoint AgentX is a component of a Security Information and Event Management SIEM solution from Logpoint Denmark. A security vulnerability exists in Logpoint AgentX versions prior to 1.5.0 that stems from inadequate access control and allows the li-admin user to access sensitive information...

6.9CVSS6.5AI score0.00353EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2022/10/26 3:15 p.m.5 views

CVE-2022-40238 A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5

A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. An authenticated attacker can inject arbitrary pickle object as part of a user's profile. This can lead to code execution on the server when the user's profile is accessed...

9AI score0.01158EPSS
Exploits0References1
CNNVD
CNNVDadded 2021/03/31 12:0 a.m.16 views

IMAGE CONQUEST DICOM SERVER 命令注入漏洞

IMAGE CONQUEST DICOM SERVER is IMAGE an open source application. It can store, validate, query and retrieve through programmable SQL database tables. A security vulnerability exists in CONQUEST DICOM SERVER before 1.5.0, which can be exploited by attackers to execute malicious code...

9.8CVSS8.6AI score0.01497EPSS
Exploits0References2
Rows per page
Query Builder