Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

32 matches found

CVE
CVEadded 7 hours ago21 views

CVE-2026-10795

CVE-2026-10795 concerns UpdraftPlus: WP Backup & Migration Plugin for WordPress, affected up to version 1.26.4. The root cause is insufficient validation of the remote communications message format in UpdraftPlus_Remote_Communications_V2::wp_loaded, allowing an unauthenticated attacker to bypass ...

8.1CVSS6.1AI score
Exploits1References4
RedhatCVE
RedhatCVEadded 2026/01/07 9:26 a.m.6 views

CVE-2019-12157

In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands...

10CVSS6.8AI score0.00004EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2012-1534

Malware in sbrugna...

9.9CVSS8.9AI score0.01578EPSS
Exploits1References7
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2024-54803

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.00283EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/07/23 8:58 a.m.8 views

CVE-2024-6107

Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region. This has been addressed in MAAS and updated in the corresponding snaps...

9.8CVSS6.7AI score0.00283EPSS
Exploits1References1
OSV
OSVadded 2025/07/23 12:0 a.m.1 views

UBUNTU-CVE-2024-6107

Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region. This has been addressed in MAAS and updated in the corresponding snaps...

9.8CVSS5.8AI score0.00283EPSS
Exploits1References2
NVD
NVDadded 2025/07/21 9:15 a.m.3 views

CVE-2024-6107

Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region. This has been addressed in MAAS and updated in the corresponding snaps...

9.8CVSS0.00283EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/07/21 8:52 a.m.3 views

CVE-2024-6107

Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region. This has been addressed in MAAS and updated in the corresponding snaps...

9.6CVSS7.5AI score0.00283EPSS
Exploits1References1
CVE
CVEadded 2025/07/21 8:52 a.m.26 views

CVE-2024-6107

CVE-2024-6107 affects Canonical MAAS (and related snaps). The root cause is insufficient verification, enabling a malicious client to bypass authentication and execute RPC commands in a region. Documents indicate this can lead to high-impact outcomes (confidentiality, integrity, and availability)...

9.8CVSS7.5AI score0.00283EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2025/07/21 8:52 a.m.7 views

CVE-2024-6107

Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region. This has been addressed in MAAS and updated in the corresponding snaps...

9.6CVSS0.00283EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/07/21 12:0 a.m.2 views

PT-2025-30248 · Canonical · Maas

Name of the Vulnerable Software and Affected Versions: MAAS affected versions not specified Description: Due to insufficient verification, an attacker could bypass authentication checks and run Remote Procedure Call RPC commands in a region using a malicious client. Recommendations: At the moment...

9.6CVSS6.5AI score0.00283EPSS
Exploits1References8
GithubExploit
GithubExploitadded 2021/07/02 4:44 p.m.270 views

Exploit for CVE-2021-1675

PrintNightmare CVE-2021-1675 This Zeek script detects succe...

9.3CVSS8.8AI score0.94314EPSS
Exploits75
NVD
NVDadded 2019/10/02 7:15 p.m.19 views

CVE-2019-12157

In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands...

10CVSS9.4AI score0.00004EPSS
Exploits0References1
Prion
Prionadded 2019/10/02 7:15 p.m.19 views

Design/Logic Flaw

In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands...

10CVSS9.2AI score0.00004EPSS
Exploits0References1Affected Software2
Cvelist
Cvelistadded 2019/10/02 6:51 p.m.16 views

CVE-2019-12157

In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands...

9.4AI score0.00004EPSS
Exploits0References1
Amazon
Amazonadded 2018/02/07 12:0 a.m.20 views

Medium: transmission

Issue Overview: Transmission relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a D...

8.8CVSS9.3AI score0.26345EPSS
Exploits1
Prion
Prionadded 2018/01/15 4:29 p.m.119 views

Design/Logic Flaw

Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...

6.8CVSS8.9AI score0.26345EPSS
Exploits1References7Affected Software2
OSV
OSVadded 2018/01/15 4:29 p.m.66 views

CVE-2018-5702

Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...

8.8CVSS8AI score
Exploits0References7
OSV
OSVadded 2018/01/15 4:29 p.m.2 views

DEBIAN-CVE-2018-5702

Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...

8.8CVSS8.9AI score0.26345EPSS
Exploits1References1
Cvelist
Cvelistadded 2018/01/15 4:0 p.m.14 views

CVE-2018-5702

Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...

8.9AI score0.26345EPSS
Exploits1References7
Rows per page
Query Builder