Lucene search

419 matches found

OSV
added 2019/06/10 7:29 p.m., 18 views

CVE-2019-11027

Ruby OpenID aka ruby-openid through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developer...

9.8 CVSS, 6.6 AI score
Exploits: 0, References: 4
UbuntuCve
added 2019/06/10 7:29 p.m., 18 views

CVE-2019-11027

Ruby OpenID aka ruby-openid through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developer...

10 CVSS, 7.2 AI score, 0.01731 EPSS
Exploits: 0, References: 3
Prion
added 2019/06/10 7:29 p.m., 8 views

Design/Logic Flaw

Ruby OpenID aka ruby-openid through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developer...

10 CVSS, 9.3 AI score, 0.01731 EPSS
Exploits: 0, References: 4, Affected Software: 1
NVD
added 2019/06/10 7:29 p.m., 10 views

CVE-2019-11027

Ruby OpenID aka ruby-openid through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developer...

10 CVSS, 9.4 AI score, 0.01731 EPSS
Exploits: 0, References: 4
Debian CVE
added 2019/06/10 6:57 p.m., 15 views

CVE-2019-11027

Ruby OpenID aka ruby-openid through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developer...

10 CVSS, 9.4 AI score, 0.01731 EPSS
Exploits: 0
ThreatPost
added 2019/04/17 1:33 p.m., 94 views

Oracle Squashes 53 Critical Bugs in April Security Update

Oracle is urging customers to patch critical vulnerabilities in its products as part of its massive April update, which fixes a whopping 297 flaws. Of those flaws, 53 vulnerabilities in Oracle products had a CVSS score of 9.0 or higher, making them “critical” severity – and in fact, 49 of those...

7.5 CVSS, 0.56432 EPSS
Exploits: 1, References: 5
FreeBSD
added 2019/04/13 12:0 a.m., 208 views

MySQL -- multiple vulnerabilities

Oracle reports: Critical Patch Update Oracle MySQL Executive Summary This Critical Patch Update contains 44 new security fixes for Oracle MySQL. 3 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials...

3.1 AI score
Exploits: 0, References: 1
Cvelist
added 2018/11/20 7:0 p.m., 16 views

CVE-2018-18439

DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image...

9.3 AI score, 0.00421 EPSS
Exploits: 1, References: 1
Exploit DB
added 2018/10/08 12:0 a.m., 46 views

net-snmp 5.7.3 - (Authenticated) Denial of Service (PoC)

2018-10-08 NET-SNMP REMOTE DOS. Second bug is remotely exploitable only with knowledge of the community string in this case "public" leading to Denial of Service: echo -n...

7.4 AI score
Exploits: 0
Packet Storm
added 2018/09/15 12:0 a.m., 97 views

Lone Wolf loadingDOCS Insecure Permissions

EZMAX SECURITY ADVISORY https://www.ezmax.ca/ Product: Loading Docs Vendor: Lone Wolf Technologies http://www.lwolf.com CVE ID: CVE-2018-15502 NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-15502 Subject: Insecure permissions allow remote attackers to download any confidential files via http...

7.7 AI score, 0.00245 EPSS
Exploits: 1
Packet Storm
added 2018/08/31 12:0 a.m., 47 views

ownCloud 0.1.2 User Impersonation Authorization Bypass

COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: ownCloud Impersonate Vendor: ownCloud CSNC ID: CSNC-2018-015 CVE ID: N/A Subject: Authorization bypass Risk: High Effect: Remotely exploitable Author: Thierry Viaccoz Date: 29.08.2018 Introduction:...

0.4 AI score
Exploits: 0
0day.today
added 2018/08/16 12:0 a.m., 32 views

ownCloud iOS Application 3.7.3 Cross Site Scripting Vulnerability

Exploit for iOS platform in category web applications COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: ownCloud iOS Application owncloud.iosapp 1 Vendor: ownCloud Gmbh CSNC ID: CSNC-2018-016 CVE ID: N/A Subject: Cross-Site Scripting in ownCloud iOS...

7.1 AI score
Exploits: 0
0day.today
added 2018/08/16 12:0 a.m., 103 views

Atmosphere 1.x / 2.x Cross Site Scripting Vulnerability

Async-IO.org Atmosphere suffers from a cross site scripting vulnerability. Versions affected include 2.4.0 through 2.4.28, 2.3.0 through 2.3.9, 2.2.0 through 2.2.12, 2.1.0 through 2.1.13, 2.0.0 through 2.0.11, and 1.0.0 through 1.0.20. COMPASS SECURITY ADVISORY...

6.6 AI score
Exploits: 0
Core Security
added 2018/05/31 12:0 a.m., 1024 views

Quest KACE System Management Appliance Multiple Vulnerabilities

Advisory ID Internal CORE-2018-0004 1. Advisory Information Title: Quest KACE System Management Appliance Multiple Vulnerabilities Advisory ID: CORE-2018-0004 Advisory URL: https://www.coresecurity.com/core-labs/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities Date...

10 CVSS, 9.6 AI score, 0.93443 EPSS
Exploits: 17
Core Security
added 2018/05/31 12:0 a.m., 747 views

Quest DR Series Disk Backup Multiple Vulnerabilities

Advisory ID Internal CORE-2018-0002 1. Advisory Information Title: Quest DR Series Disk Backup Multiple Vulnerabilities Advisory ID: CORE-2018-0002 Advisory URL: https://www.coresecurity.com/core-labs/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities Date published: 2018-05-31 Date o...

9.8 CVSS, 9.7 AI score, 0.19325 EPSS
Exploits: 2
Packet Storm
added 2018/05/15 12:0 a.m., 68 views

Totemomail Encryption Gateway 6.0.0_Build_371 Cross Site Request Forgery

COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: totemomail Encryption Gateway Vendor: totemo AG CSNC ID: CSNC-2018-003 CVE ID: CVE-2018-6563 Subject: Cross-Site Request Forgery Risk: High Effect: Remotely exploitable Author: Nicolas Heiniger Date: 14.05.20...

0.4 AI score, 0.00099 EPSS
Exploits: 5
Core Security
added 2018/05/03 12:0 a.m., 1780 views

TP-Link EAP Controller Multiple Vulnerabilities

1. Advisory Information Title: TP-Link EAP Controller Multiple Vulnerabilities Advisory ID: CORE-2018-0001 Advisory URL: http://www.coresecurity.com/core-labs/advisories/tp-link-eap-controller-multiple-vulnerabilities Date published: 2018-05-03 Date of last update: 2018-05-03 Vendors contacted:...

8.8 CVSS, 8.1 AI score, 0.00588 EPSS
Exploits: 7
0day.today
added 2018/04/02 12:0 a.m., 37 views

WampServer 3.1.1 - Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities

Exploit for php platform in category web applications Exploit Title: WampServer 3.1.1 XSS via CSRF Software Link: http://www.wampserver.com/en/ Version: 3.1.1 Tested On: Windows 10 Exploit Author: Vipin Chaudhary Contact: http://twitter.com/vipinxsec Website: http://medium.com/@vipinxsec CVE:...

5.8 AI score, 0.00168 EPSS
Exploits: 5
Openbugbounty
added 2018/03/24 12:47 a.m., 10 views

minitoons.ir XSS vulnerability

Open Bug Bounty ID: OBB-586426. Affected Website: minitoons.ir. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...

6.3 AI score
Exploits: 0
ICS
added 2018/02/20 12:0 a.m., 96 views

ABB netCADOPS Web Application

CVSS v3 5.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: ABB Equipment: netCADOPS Web Application Vulnerability: Information Exposure AFFECTED PRODUCTS The following versions of netCADOPS Web Application, a web interface, are affected: netCADOPS Web Application Version 3.4...

5.8 CVSS, 5.9 AI score, 0.00219 EPSS
Exploits: 0, References: 5