Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesadded 2026/03/26 12:0 a.m.3 views

PT-2026-28313

Name of the Vulnerable Software and Affected Versions Drupal File Field Paths versions prior to 7.1.3 Description An information disclosure issue exists in the file URI processing of File Field Paths in Drupal. Authenticated users can potentially disclose other users’ private files through...

6.9CVSS5.8AI score0.00048EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2026/01/29 3:26 a.m.4 views

CVE-2026-21569

This High severity XXE XML External Entity Injection vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 7.9, allows an authenticated attacker to access local and remote content which has high...

7.9CVSS5.9AI score0.00025EPSS
Exploits0References1
OSV
OSVadded 2026/01/28 1:16 a.m.1 views

CVE-2026-21569

This High severity XXE XML External Entity Injection vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 7.9, allows an authenticated attacker to access local and remote content which has high...

7.9CVSS5.9AI score0.00025EPSS
Exploits0References2
CVE
CVEadded 2026/01/28 12:30 a.m.9 views

CVE-2026-21569

This CVE affects Crowd Data Center and Server (Atlassian) starting from version 7.1.0, with a high-severity XXE (XML External Entity Injection) vulnerability. The issue allows an authenticated attacker to access local and remote content, with high impact to confidentiality and availability, and l...

7.9CVSS5.9AI score0.00025EPSS
Exploits0References2Affected Software1
Atlassian
Atlassianadded 2025/12/19 7:27 p.m.17 views

DoS (Denial of Service) org.apache.commons:commons-fileupload2-core Dependency in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to access...

7.5CVSS7.4AI score0.01278EPSS
Exploits1
Atlassian
Atlassianadded 2025/12/19 7:27 p.m.16 views

DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 7.1.2 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to access...

7.5CVSS5.4AI score0.00171EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2024/11/06 12:0 a.m.4 views

PT-2024-34151 · Symfony +2 · Symfony/Securitybundle +2

Name of the Vulnerable Software and Affected Versions: symfony/security-bundle versions prior to 6.4.10 symfony/security-bundle versions prior to 7.0.10 symfony/security-bundle versions prior to 7.1.3 Description: The custom user checker defined on a firewall is not called when logging in...

8.8CVSS6.5AI score0.88664EPSS
Exploits2References45
Rows per page
Query Builder