Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Packet Storm News
Packet Storm Newsadded 2026/04/09 12:0 a.m.4 views

Windows Telemetry Persistence

This is a Metasploit module that provides a persistence mechanism that installs a new telemetry provider for windows. If telemetry is turned on, when the scheduled task launches, it will execute the telemetry provider and execute our payload with system permissions...

6AI score
Exploits0
OSV
OSVadded 2026/03/27 2:24 p.m.2 views

CVE-2026-33761 AVideo: Unauthenticated Access to Scheduler Plugin Endpoints Leaks Scheduled Tasks, Email Content, and User Mappings

WWBN AVideo is an open source video platform. In versions up to and including 26.0, three list.json.php endpoints in the Scheduler plugin lack any authentication check, while every other endpoint in the same plugin directories add.json.php, delete.json.php, index.php requires User::isAdmin. An...

5.3CVSS5.8AI score0.00382EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2026/03/26 12:0 a.m.1 views

PT-2026-28532

Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description The Scheduler plugin in AVideo lacks authentication checks on three list.json.php endpoints: plugin/Scheduler/View/Scheduler commands/list.json.php, plugin/Scheduler/View/Emails...

5.3CVSS5.9AI score0.00382EPSS
Exploits1References5
EUVD
EUVDadded 2026/03/04 12:30 p.m.3 views

EUVD-2026-9395

The Seraphinite Accelerator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.28.14 via the seraphaccelapi AJAX action with fn=GetData. This is due to the OnAdminApiGetData function not performing any capability checks. This makes it...

4.3CVSS5.9AI score0.00316EPSS
Exploits0References5
Securelist
Securelistadded 2026/01/29 3:7 p.m.5 views

Supply chain attack on eScan antivirus: detecting and remediating malicious updates

UPD 30.01.2026: Added technical details about the attack chain and more IoCs. On January 20, a supply chain attack has occurred, with the infected software being the eScan antivirus developed by the Indian company MicroWorld Technologies. The previously unknown malware was distributed through the...

6.1AI score
Exploits0
Veracode
Veracodeadded 2025/12/13 7:14 a.m.3 views

Improper Access Control

mineadmin/mineadmin is vulnerable to Improper Access Control. The vulnerability is due to insecure permission settings in the scheduled tasks feature, which allows an attacker to execute arbitrary commands and potentially achieve full account takeover...

9.8CVSS6.1AI score0.00468EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2025/12/12 4:15 p.m.4 views

CVE-2025-65854

Insecure permissions in the scheduled tasks feature of MineAdmin v3.x allows attackers to execute arbitrary commands and execute a full account takeover...

9.8CVSS6AI score0.00468EPSS
Exploits0References3
CNVD
CNVDadded 2020/04/16 12:0 a.m.1 views

Microsoft Windows Scheduled Task Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A privilege extraction vulnerability exists in Microsoft Windows and Windows Server, which...

7.1CVSS6.8AI score0.00737EPSS
Exploits0References1
Rows per page
Query Builder