Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CVE
CVEadded 7 hours ago5 views

CVE-2026-13140

The CVE-2026-13140 entry concerns Canarytokens.org (Thinkst Applied Research) with a Stored Cross-Site Scripting flaw in the exposed AWS API key store. Affected: Canarytokens Docker images from tag sha-4116b92cb up to before sha-f5aa5c4e and Git commit 4116b92cb before f5aa5c4e. Attack requires k...

2CVSS5.8AI score
Exploits0References1
EUVD
EUVDadded 7 hours ago5 views

EUVD-2026-38736

Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e...

2CVSS5.8AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/04/15 12:0 a.m.4 views

PT-2026-33113

Weblate is a web based localization tool. In versions prior to 5.17, the tasks API didn't verify user access for pending tasks. This could expose logs of in-progress operations to users who don't have access to given scope. The attacker needs to brute-force the random UUID of the task, so...

3.1CVSS5.8AI score0.00221EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/05/22 8:55 a.m.4 views

CVE-2019-8799

This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximity may be able to passively observe device names in AWDL communications...

2.4CVSS5.5AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/12/07 12:0 a.m.3 views

Dalmann OCPP.Core Security Vulnerability

Dalmann OCPP.Core is an OCPP Open Charge Point Protocol server written in .NET 6 by Ulrich Personal Developer. A security vulnerability exists in Dalmann OCPP.Core versions prior to 1.3.0, which stems from the server allowing an attacker to stop a transaction using a Random Transaction ID...

7.5CVSS7.5AI score0.00713EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2022/07/17 9:15 p.m.1 views

CVE-2022-27930

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed...

5.9CVSS6.3AI score0.0083EPSS
Exploits0References2
OSV
OSVadded 2020/10/27 8:15 p.m.3 views

CVE-2019-8799

This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximity may be able to passively observe device names in AWDL communications...

2.4CVSS6.6AI score0.00333EPSS
Exploits0References4
NVD
NVDadded 2020/10/27 8:15 p.m.18 views

CVE-2019-8799

This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximity may be able to passively observe device names in AWDL communications...

2.4CVSS2.4AI score0.00333EPSS
Exploits0References4
Rows per page
Query Builder