Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/04/09 7:23 p.m.4 views

CVE-2026-39659

Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through = 2.11.3...

5.9AI score0.00037EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/05/20 12:0 a.m.1 views

PT-2024-5352 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions prior to 2.11.3 Argo CD versions prior to 2.10.12 Argo CD versions prior to 2.9.17 Description: Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It’s possible for authenticated users to enumerate...

4.3CVSS7AI score0.00408EPSS
Exploits0References16
OSV
OSVadded 2022/08/05 12:0 a.m.1 views

GHSA-2FXF-QJ94-3F83 Apache JSPWiki XSS due to crafted request on XHRHtml2Markup.jsp

A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki up to and including 2.11.2, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Version 2.11.3 contains a fix for th...

6.1CVSS5.9AI score0.85727EPSS
Exploits0References3
OSV
OSVadded 2022/08/05 12:0 a.m.1 views

GHSA-JP3M-P26H-MM7V Apache JSPWiki CSRF due to crafted invocation on the Image plugin

A carefully crafted invocation on the Image plugin could trigger an CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow a group privilege escalation of the attacker's account. Further examination of this issue established that it could also be used to modify the email associated...

8.8CVSS5.9AI score0.01072EPSS
Exploits0References3
OSV
OSVadded 2022/08/05 12:0 a.m.1 views

GHSA-HPH8-29XW-QFXX Apache JSPWiki XSS due to crafted request in WeblogPlugin

A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later...

6.1CVSS6.6AI score0.85727EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2022/08/04 12:0 a.m.3 views

PT-2022-19199 · Apache · Apache Jspwiki

Name of the Vulnerable Software and Affected Versions: Apache JSPWiki versions prior to 2.11.3 Description: A carefully crafted request on "UserPreferences.jsp" could trigger a CSRF issue, allowing an attacker to modify the email associated with the attacked account, and then initiate a reset...

6.5CVSS6.2AI score0.85727EPSS
Exploits0References8
OSV
OSVadded 2019/01/08 8:29 p.m.2 views

CVE-2019-0246

SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity...

9.8CVSS5.8AI score0.02744EPSS
Exploits0References3
OSV
OSVadded 2019/01/08 8:29 p.m.3 views

CVE-2019-0247

SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder