10 matches found

EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2025-25355

Malicious code in bioql PyPI...

CVSS 9.3, AI score 6.3, EPSS 0.0016
Exploits: 1, References: 3
Vulnrichment
added 2025/08/20 5:58 p.m., 4 views

CVE-2025-55746 Directus allows unauthenticated file upload and file modification due to lacking input sanitization

Directus is a real-time API and App dashboard for managing SQL database content. From 10.8.0 to before 11.9.3, a vulnerability exists in the file update mechanism which allows an unauthenticated actor to modify existing files with arbitrary contents without changes being applied to the files'...

CVSS 9.3, AI score 7.9, EPSS 0.0016
Exploits: 1, References: 2
RedhatCVE
added 2025/02/04 10:12 p.m., 5 views

CVE-2024-35220

@fastify/session is a session plugin for fastify. Requires the @fastify/cookie plugin. When restoring the cookie from the session store, the expires field is overridden if the maxAge field was set. This means a cookie is never correctly detected as expired and thus expired sessions are not...

CVSS 7.4, AI score 7.4, EPSS 0.00351
Exploits: 0, References: 1
CNNVD
added 2024/09/02 12:00 a.m., 2 views

Jellyfin security vulnerability

Jellyfin is a free software media system from Jellyfin Open Source. It allows you to control the management and streaming of media. It is an alternative to the proprietary Emby and Plex, and can serve media from dedicated servers to end-user devices through multiple applications. A security...

CVSS 5.4, AI score 6.6, EPSS 0.00173
Exploits: 0, References: 3
CNNVD
added 2024/05/21 12:00 a.m., 1 views

fastify session security vulnerability

fastify session is an open source plugin for fastify. A security vulnerability exists in fastify session version 10.8.0 and earlier that stems from the reuse of a corrupted session cookie...

CVSS 7.4, AI score 7.3, EPSS 0.00351
Exploits: 0, References: 4
CNNVD
added 2023/02/03 12:00 a.m., 3 views

Jellyfin cross-site scripting vulnerability

Jellyfin is a freeware media system. It allows you to control the management and streaming of media. It is an alternative to the proprietary Emby and Plex, and can serve media from a dedicated server to end-user devices through multiple applications. A security vulnerability exists in Jellyfin...

CVSS 5.4, AI score 5.7, EPSS 0.00535
Exploits: 1, References: 3
Prion
added 2021/09/07 7:15 p.m., 18 views

Path traversal

The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL...

CVSS 5, AI score 5.2, EPSS 0.00256
Exploits: 0, References: 2, Affected Software: 1
CNVD
added 2018/10/26 12:00 a.m., 2 views

Citrix Xen Mobile Code Execution Vulnerability

Citrix Xen Mobile is a mobility management solution from Citrix Systems. The solution is capable of managing mobile devices, developing mobile policies and compliance rules, and providing insight into the operation of mobile cellular networks. A code execution vulnerability exists in Citrix Xen...

CVSS 7.8, AI score 8.1, EPSS 0.00241
Exploits: 1, References: 1
OSV
added 2018/06/26 2:29 p.m., 1 views

CVE-2018-0565

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVSS 6.1, AI score 5.9
Exploits: 0, References: 2
OSV
added 2018/06/26 2:29 p.m., 0 views

CVE-2018-0566

Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the schedules without access privilege via unspecified vectors...

CVSS 4.3, AI score 5.8
Exploits: 0, References: 2