
8 matches found

Vulnrichment
added 2026/05/26 2:54 p.m. | 7 views

CVE-2026-43934 e107: Broken Access Control in e107 comment edit allows cross-user comment modification

e107 is a content management system (CMS). Prior to 2.3.4, a Broken Access Control vulnerability exists in the application, allowing an unauthorized authenticated user to edit comments posted by others. This stems from inadequate server-side access control validation, where the application depends...

CVSS 6.5 | AI score 5.8 | EPSS 0.00029
Exploits: 0 | References: 2
OSV
added 2026/05/14 8:21 p.m. | 0 views

GHSA-GM54-M39W-GRJP Open WebUI missing authorization check at the model update function - models from other users can be updated

Summary A user can modify another user's model even if its visibility is set to Private. The finding resulted from a penetration test for a customer. It is suspected that the root cause of the issue lies within the core of Open WebUI, which is why it is being reported as a security issue here...

CVSS 6.5 | AI score 5.8 | EPSS 0.0003
Exploits: 1 | References: 3
RedhatCVE
added 2025/11/20 9:36 p.m. | 4 views

CVE-2025-65032

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR) vulnerability allows any authenticated user to change the display names of other participants in polls without being an admin or the poll owner. By manipulating the...

CVSS 6.5 | AI score 6.7 | EPSS 0.00041
Exploits: 1 | References: 1
EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2017-1441

Malware in sbrugna...

CVSS 6.5 | AI score 6.6 | EPSS 0.00254
Exploits: 1 | References: 2
OSV
added 2025/06/18 2:57 p.m. | 2 views

BIT-MEDIAWIKI-2024-34502

An issue was discovered in WikibaseLexeme in MediaWiki before 1.39.6, 1.40.x before 1.40.2, and 1.41.x before 1.41.1. Loading Special:MergeLexemes will attempt to make an edit that merges the from-id to the to-id, even if the request was not a POST request, and even if it does not contain an edit...

CVSS 9.8 | AI score 9.2 | EPSS 0.00159
Exploits: 0 | References: 5
Tenable Nessus
added 2024/05/17 12:0 a.m. | 21 views

GitLab 1.0 < 13.1.10 / 13.2 < 13.2.8 / 13.3 < 13.3.4 (CVE-2020-13313)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. An unauthorized project maintainer could edit the subgroup badges due to the lack of authorization control...

CVSS 4.3 | AI score 5.3 | EPSS 0.00155
Exploits: 0 | References: 4
CNNVD
added 2023/01/10 12:0 a.m. | 1 views

MediaWiki Security Vulnerability

MediaWiki is a free and free-to-use web-based wiki engine from the MediaWiki Foundation, which can be used to deploy in-house knowledge management and content management systems. An authorization error vulnerability exists in the MediaWiki GrowthExperiments extension, which could be exploited by ...

CVSS 4.3 | AI score 6.8 | EPSS 0.00123
Exploits: 0 | References: 5
CVE
added 2020/09/14 7:40 p.m. | 55 views

CVE-2020-13313

GitLab CVE-2020-13313 affects GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The root cause is an Authorization flaw that allows an unauthorized project maintainer to edit subgroup badges due to missing access controls. Impact is limited to modification of subgroup badges by unauthorized user...

CVSS 4.3 | AI score 4.4 | EPSS 0.00155
Exploits: 0 | References: 3 | Affected Software: 1