Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Vulnrichment
Vulnrichmentadded 2025/10/27 6:40 p.m.2 views

CVE-2025-36007 IBM QRadar SIEM incorrect privilege assignment

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script...

7.8CVSS6.6AI score0.00013EPSS
Exploits0References1
CVE
CVEadded 2025/10/27 6:40 p.m.9 views

CVE-2025-36007

IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script. The issue affects the App Framework privilege handling and could allow an authenticated attacker with low privileges to escalate with...

7.8CVSS6.6AI score0.00013EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2025/10/27 12:0 a.m.2 views

PT-2025-44011

Name of the Vulnerable Software and Affected Versions IBM QRadar SIEM versions 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 Description IBM QRadar SIEM versions 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 contains a flaw related to improper privilege assignment to an update script,...

7.8CVSS6.5AI score0.00013EPSS
Exploits0References4
Veracode
Veracodeadded 2022/05/11 10:47 a.m.82 views

OS Command Injection

openssl is vulnerable to OS command injection. The crehash script does not properly sanitise shell metacharacters to prevent command injection which allows an attacker to execute arbitrary commands with the privileges of the script...

9.8CVSS6.1AI score0.38894EPSS
Exploits5References20Affected Software21
CNNVD
CNNVDadded 2022/02/09 12:0 a.m.1 views

XWiki Platform 安全漏洞

XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from the XWiki Foundation in France. A security vulnerability exists in XWiki Platform, which stems from the fact that in the affected version, any user with SCRIPT privileges can read any file located in an...

5.5CVSS5.3AI score0.00105EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2021/05/18 12:0 a.m.2 views

PT-2021-19813 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 12.6.7 XWiki Platform versions prior to 12.10.3 Description: A user without Script or Programming right is able to execute script requiring privileges by editing gadget titles in the dashboard. Recommendations...

8.8CVSS8.7AI score0.00691EPSS
Exploits1References10
NCSC
NCSCadded 2020/09/11 12:0 a.m.15 views

Vulnerability fixed in XWiki

The developers of XWiki have fixed a vulnerability. A malicious person with SCRIPT privileges could exploit the vulnerability to gain access to the server's Instance Manager and thereby create arbitrary Java objects. The developers have released updates to fix the vulnerability fix in XWiki 12.2....

6.6CVSS6.9AI score0.00734EPSS
Exploits0
CNVD
CNVDadded 2020/02/18 12:0 a.m.1 views

An unspecified vulnerability exists in the Iteris Vantage Velocity Field Unit.

The Iteris Vantage Velocity Field Unit is a road monitoring field unit from Iteris USA. A security vulnerability exists in the Iteris Vantage Velocity Field Unit version 2.3.1 and 2.4.2, which originates from a program that assigns global writable privileges to the /root/cleardata.pl and...

10CVSS6.8AI score0.00403EPSS
Exploits1References1
Rows per page
Query Builder