Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

112 matches found

NVD
NVDā€¢added 2026/03/12 4:16 p.m.ā€¢1 views

CVE-2019-25538

202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the loguser parameter. Attackers can send crafted requests with malicious SQL statements in the loguser field to extract sensitive database...

8.8CVSS0.00224EPSS
Exploits1References3
Positive Technologies
Positive Technologiesā€¢added 2026/03/12 12:0 a.m.ā€¢2 views

PT-2026-24998

šŸšØ CVE-2019-25538 202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log user parameter. Attackers can send crafted requests with malicious SQL statements in the log user field to extract...

8.8CVSS6AI score0.00224EPSS
Exploits1References5
Cvelist
Cvelistā€¢added 2026/02/26 3:10 p.m.ā€¢18 views

CVE-2026-26265 Discourse has IDOR vulnerability in the directory items endpoint

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an IDOR vulnerability in the directory items endpoint allows any user, including anonymous users, to retrieve private user field values for all users in the directory. The userfieldids parameter ...

7.5CVSS0.00064EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBā€¢added 2026/02/26 3:10 p.m.ā€¢4 views

CVE-2026-26265

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an IDOR vulnerability in the directory items endpoint allows any user, including anonymous users, to retrieve private user field values for all users in the directory. The userfieldids parameter ...

7.5CVSS5.7AI score0.00064EPSS
Exploits0References2Affected Software1
NVD
NVDā€¢added 2026/01/29 3:16 p.m.ā€¢3 views

CVE-2020-36995

Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...

7.5CVSS0.00019EPSS
Exploits0References3
CVE
CVEā€¢added 2026/01/29 2:28 p.m.ā€¢14 views

CVE-2020-36995

CVE-2020-36995 affects Mocha Telnet Lite for iOS 4.2. The vulnerability is a denial-of-service through user configuration input: an attacker can overwrite the 'User' field with 350 repeated characters to crash the app, leading to loss of normal functionality. The affected software/component is iO...

7.5CVSS5.9AI score0.00019EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBā€¢added 2026/01/29 2:28 p.m.ā€¢2 views

CVE-2020-36995

Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...

7.5CVSS5.9AI score0.00019EPSS
Exploits0References3Affected Software1
EUVD
EUVDā€¢added 2026/01/29 2:28 p.m.ā€¢1 views

EUVD-2020-30914

Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...

7.5CVSS5.9AI score0.00019EPSS
Exploits0References3
Cvelist
Cvelistā€¢added 2026/01/29 2:28 p.m.ā€¢30 views

CVE-2020-36995 Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service

Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...

7.5CVSS0.00019EPSS
Exploits0References3
Positive Technologies
Positive Technologiesā€¢added 2026/01/29 12:0 a.m.ā€¢4 views

PT-2026-5273

Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...

7.5CVSS5.9AI score0.00019EPSS
Exploits0References4
OSV
OSVā€¢added 2026/01/28 5:29 p.m.ā€¢4 views

DRUPAL-CONTRIB-2026-007

This module enables you to turn a Drupal install into the Central Authentication System CAS. It makes your database the primary location for other systems to use for authentication in a SSO environment. The module doesn't sufficiently sanitize user-supplied field values configured to be included ...

4.2CVSS5.9AI score0.00049EPSS
Exploits0References1
EUVD
EUVDā€¢added 2025/10/28 3:30 p.m.ā€¢2 views

EUVD-2025-36518

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the txtmailuser and txtmailpass parameters when updating the mail server settings. When a user updates the mail...

5.1CVSS5.7AI score0.00024EPSS
Exploits0References4
Positive Technologies
Positive Technologiesā€¢added 2025/10/28 12:0 a.m.ā€¢1 views

PT-2025-44175

Name of the Vulnerable Software and Affected Versions IPFire versions prior to 2.29 Core Update 198 Description IPFire versions prior to 2.29 Core Update 198 are susceptible to a stored cross-site scripting XSS issue. An authenticated attacker can inject arbitrary JavaScript code through the txt...

5.4CVSS5.9AI score0.00024EPSS
Exploits0References6
EUVD
EUVDā€¢added 2025/10/07 12:30 a.m.ā€¢4 views

EUVD-2008-5546

Malware in sbrugna...

7.5CVSS6.4AI score0.01352EPSS
Exploits0References7
EUVD
EUVDā€¢added 2025/10/07 12:30 a.m.ā€¢1 views

EUVD-2017-7855

Malware in sbrugna...

8.8CVSS8.6AI score0.03635EPSS
Exploits0References8
EUVD
EUVDā€¢added 2025/10/07 12:30 a.m.ā€¢1 views

EUVD-2020-6185

Malware in sbrugna...

6.1CVSS6.3AI score0.0021EPSS
Exploits1References2
EUVD
EUVDā€¢added 2025/10/07 12:30 a.m.ā€¢3 views

EUVD-2011-4855

Malware in sbrugna...

6.8CVSS6.4AI score0.00353EPSS
Exploits1References9
EUVD
EUVDā€¢added 2025/10/07 12:30 a.m.ā€¢1 views

EUVD-2018-17743

Malware in sbrugna...

9.8CVSS9.4AI score0.02589EPSS
Exploits5References3
EUVD
EUVDā€¢added 2025/10/07 12:30 a.m.ā€¢5 views

EUVD-2019-3129

Malware in sbrugna...

6.1CVSS6AI score0.01111EPSS
Exploits1References12
EUVD
EUVDā€¢added 2025/10/03 8:7 p.m.ā€¢1 views

EUVD-2022-5726

Malicious code in bioql PyPI...

5.3CVSS5.8AI score0.00471EPSS
Exploits0References15
Rows per page
Query Builder