
8 matches found

Vulnrichment
added 2026/04/06 9:51 p.m. | 3 views

CVE-2026-35454 Code Extension Marketplace has a Zip Slip Path Traversal

The Code Extension Marketplace is an open-source alternative to the VS Code Marketplace. Prior to 2.4.2, a Zip Slip vulnerability in coder/code-marketplace allowed a malicious VSIX file to write arbitrary files outside the extension directory. ExtractZip passed raw zip entry names to a callback tha...

CVSS 8.7 | AI score 6.1 | EPSS 0.00022
Exploits: 0 | References: 2
CVE
added 2026/02/21 6:54 a.m. | 9 views

CVE-2026-27458

LinkAce versions 2.4.2 and earlier are affected by a Stored XSS in the Atom feed at /lists/feed. An authenticated user can inject a CDATA-breaking payload into a list description, escaping the CDATA and injecting an SVG element into the Atom XML, which the browser parses and executes as JavaScrip...

CVSS 8.7 | AI score 6 | EPSS 0.00016
Exploits: 1 | References: 2 | Affected Software: 1
Vulnrichment
added 2025/09/22 6:25 p.m. | 2 views

CVE-2025-57900 WordPress GutenKit Plugin <= 2.4.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ataur R GutenKit allows Stored XSS. This issue affects GutenKit: from n/a through 2.4.2...

CVSS 6.5 | AI score 5.6 | EPSS 0.00042
Exploits: 0 | References: 1
Microsoft CVE
added 2024/09/23 12:0 a.m. | 5 views

CVE-2022-48622

...

CVSS 7.8 | AI score 7.2 | EPSS 0.00071
Exploits: 1
OSV
added 2023/06/01 5:15 p.m. | 3 views

DEBIAN-CVE-2023-32324

OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function format_log_line could allow remote attackers to cause a DoS ...

CVSS 7.5 | AI score 6.6 | EPSS 0.00148
Exploits: 1 | References: 1
Vulnrichment
added 2023/01/30 8:31 p.m. | 11 views

CVE-2022-4781 Accordion Shortcodes <= 2.4.2 - Contributor+ Stored XSS via Shortcode

The Accordion Shortcodes WordPress plugin through 2.4.2 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

AI score 5.3 | EPSS 0.00285
Exploits: 2 | References: 1
Github Security Blog
added 2022/05/24 7:12 p.m. | 4 views

Magento is affected by an improper input validation vulnerability

Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the V1/customers/me endpoint to achieve information exposure and privile...

CVSS 8.8 | AI score 6.6 | EPSS 0.00646
Exploits: 0 | References: 3 | Affected Software: 2
OSV
added 2021/05/14 8:15 p.m. | 2 views

PYSEC-2021-171

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.raw_ops.SparseConcat. This is because the...

CVSS 5.5 | AI score 6.1 | EPSS 0.0001
Exploits: 1 | References: 2