Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

88734 matches found

OSV
OSVadded 2026/02/24 12:16 a.m.7 views

CVE-2026-3043

A flaw has been found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/navbar.php. Executing a manipulation of the argument page can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and...

6.1CVSS4AI score0.00264EPSS
Exploits1References5
Tenable Nessus
Tenable Nessusadded 2026/02/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-2967

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/netbuiltin.c of the component TCP...

6.3CVSS5AI score0.00491EPSS
Exploits1References3
Redos
Redosadded 2026/02/24 12:0 a.m.7 views

ROS-20260224-73-0035

Vulnerability in gitea related to a flaw in the authorization mechanism. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

5.3CVSS5.6AI score0.00251EPSS
Exploits0
Redos
Redosadded 2026/02/24 12:0 a.m.6 views

ROS-20260224-73-0017

Vulnerability in moodle due to insufficient limitation of authentication attempts. Exploitation of the vulnerability could allow a remote attacker to launch a brute force attack...

7.5CVSS5.5AI score0.00417EPSS
Exploits0
Redos
Redosadded 2026/02/24 12:0 a.m.7 views

ROS-20260224-73-0022

A vulnerability in the Moodle virtual learning environment is related to the failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting XSS attack...

7.3CVSS5.2AI score0.00289EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2026/02/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-2968

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component...

6.3CVSS5.2AI score0.00218EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/02/23 11:32 p.m.5 views

CVE-2026-3044 Tenda AC8 Httpd Service UploadCfg webCgiGetUploadFile stack-based overflow

A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. The manipulation of the argument boundary leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

9CVSS6.1AI score0.00501EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/02/23 11:2 p.m.4 views

CVE-2026-3042

A vulnerability was detected in itsourcecode Event Management System 1.0. The affected element is an unknown function of the file /admin/index.php. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit is now public a...

7.5CVSS5.4AI score0.00425EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/02/23 10:2 p.m.6 views

CVE-2026-3040

A vulnerability was identified in DrayTek Vigor 300B up to 1.5.1.6. This affects the function cgiGetFile of the file /cgi-bin/mainfunction.cgi/uploadlangs of the component Web Management Interface. The manipulation of the argument File leads to os command injection. The attack may be initiated...

5.8CVSS5.2AI score0.09102EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/02/23 9:2 p.m.5 views

CVE-2026-3027

A vulnerability was found in erzhongxmu JEEWMS up to 3.7. This affects an unknown part of the file src/main/webapp/plug-in/ueditor/jsp/getContent.jsp of the component UEditor. The manipulation of the argument myEditor results in cross site scripting. The attack can be launched remotely. The explo...

5.3CVSS4AI score0.00289EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/02/23 8:2 p.m.4 views

CVE-2026-3025

A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by this vulnerability is an unknown functionality of the file /MP/Service/Webservice/ExampleNodeService.asmx. Executing a manipulation of the argument File can lead to unrestricted upload. It is possible...

7.5CVSS5.3AI score0.00378EPSS
Exploits0References4Affected Software1
Ubuntu
Ubuntuadded 2026/02/23 7:56 p.m.6 views

USN-8051-2: libssh vulnerabilities

USN-8051-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that libssh clients incorrectly handled the key exchange process. A remote attacker could possibly...

8.2CVSS5.6AI score0.00582EPSS
Exploits0
NVD
NVDadded 2026/02/23 8:16 a.m.6 views

CVE-2026-2977

A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function uploadcontroller of the file /backend/app/api/v1/modulecommon/file/controller.py of the component Scheduled Task API. Such manipulation leads to unrestricted upload. It is possible to launch the atta...

8.8CVSS0.00293EPSS
Exploits1References4
OSV
OSVadded 2026/02/23 7:16 a.m.4 views

CVE-2026-2976

A weakness has been identified in FastApiAdmin up to 2.2.0. Affected by this issue is the function downloadcontroller of the file /backend/app/api/v1/modulecommon/file/controller.py of the component Download Endpoint. This manipulation of the argument filepath causes information disclosure. It is...

6.5CVSS5.5AI score0.0031EPSS
Exploits1References4
NVD
NVDadded 2026/02/23 7:16 a.m.12 views

CVE-2026-2975

A security flaw has been discovered in FastApiAdmin up to 2.2.0. Affected by this vulnerability is the function resetapidocs of the file /backend/app/plugin/initapp.py of the component Custom Documentation Endpoint. The manipulation results in information disclosure. The attack may be performed...

6.9CVSS0.00412EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/02/23 5:2 a.m.3 views

CVE-2026-2972

A vulnerability was determined in a466350665 Smart-SSO up to 2.1.1. This affects the function Save of the file smart-sso-server/src/main/java/openjoe/smart/sso/server/controller/admin/UserController.java of the component Role Edit Page. Executing a manipulation can lead to cross site scripting. T...

4.8CVSS3.1AI score0.00259EPSS
Exploits1References4Affected Software1
NVD
NVDadded 2026/02/23 4:16 a.m.8 views

CVE-2026-2968

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

6.3CVSS0.00218EPSS
Exploits1References5
OSV
OSVadded 2026/02/23 4:16 a.m.4 views

DEBIAN-CVE-2026-2967

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/netbuiltin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiate...

6.3CVSS4.9AI score0.00491EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/02/23 3:2 a.m.3 views

CVE-2026-2968 Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

6.3CVSS4.3AI score0.00218EPSS
Exploits1References5
Cvelist
Cvelistadded 2026/02/23 3:2 a.m.24 views

CVE-2026-2968 Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

6.3CVSS0.00218EPSS
Exploits1References5
Rows per page
Query Builder