CVE-2024-9866

The Event Tickets with Ticket Scanner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data' parameters in all versions up to, and including, 2.4.4 due to insufficient input sanitization and output escaping and missing authorization on the functionality to manage tickets...

CVE-2024-12715

The Asgard Security Scanner WordPress plugin through 0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-28140

The scanner device boots into a kiosk mode by default and opens the Scan2Net interface in a browser window. This browser is run with the permissions of the root user. There are also several other applications running as root user. This can be confirmed by running "ps aux" as the root user and...

CVE-2023-52221

Unrestricted Upload of File with Dangerous Type vulnerability in UkrSolution Barcode Scanner and Inventory manager.This issue affects Barcode Scanner and Inventory manager: from n/a through 1.5.1...

CVE-2023-44240

Cross-Site Request Forgery CSRF vulnerability in Peter Butler Timthumb Vulnerability Scanner plugin = 1.54 versions...

CVE-2023-6222

IThe Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks...

CVE-2023-52176

Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Malware Scanner: from n/a through 4.7.1...

CVE-2023-38961

Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanneriscontextneeded component in js-scanner-until.c...

CVE-2023-31907

Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scannerliteraliscreated at /jerry-core/parser/js/js-scanner-util.c...

CVE-2023-30517

Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a configured NeuVector Vulnerability Scanner server...

CVE-2023-28364

An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. Now the user must manually navigate to the URL...

CVE-2023-1401

An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...

Tornado Detection

Binary data pythontornadodetect.nbin...

Fedora 41 : dotnet9.0 (2025-75bda8d944)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-75bda8d944 advisory. This is the May 2025 update for .NET 9. Release Notes: - SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.5/9.0.106.md - Runtime:...

CVE-2022-4206

A sensitive information leak issue has been discovered in all versions of DAST API scanner from 1.6.50 prior to 2.0.102, exposing the Authorization header in the vulnerability report...

CVE-2022-41945

super-xray is a vulnerability scanner xray GUI launcher. In version 0.1-beta, the URL is not filtered and directly spliced ​​into the command, resulting in a possible RCE vulnerability. Users should upgrade to super-xray 0.2-beta...

CVE-2022-22890

There is an Assertion 'argumentstype != SCANNERARGUMENTSPRESENT && argumentstype != SCANNERARGUMENTSPRESENTNOREG' failed at /jerry-core/parser/js/js-scanner-util.c in Jerryscript 3.0.0...

CVE-2022-1995

The Malware Scanner WordPress plugin before 4.5.2 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup...

CVE-2022-30729

Implicit Intent hijacking vulnerability in Settings prior to SMR Jun-2022 Release 1 allows attackers to get Wi-Fi SSID and password via a malicious QR code scanner...

CVE-2021-21881

An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...