Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

167 matches found

RedhatCVE
RedhatCVEadded yesterday7 views

CVE-2026-11453

A vulnerability was found in Tiobon Employee Self-Service System up to 7.2. Affected by this vulnerability is an unknown functionality of the file /Blog/BlogSearch.aspx of the component Login Endpoint. The manipulation of the argument Keyword results in sql injection. The attack can be launched...

6.5CVSS6.3AI score0.00028EPSS
Exploits0References1
NVD
NVDadded 2 days ago8 views

CVE-2026-11453

A vulnerability was found in Tiobon Employee Self-Service System up to 7.2. Affected by this vulnerability is an unknown functionality of the file /Blog/BlogSearch.aspx of the component Login Endpoint. The manipulation of the argument Keyword results in sql injection. The attack can be launched...

6.5CVSS0.00028EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2 days ago3 views

CVE-2026-11453 Tiobon Employee Self-Service System Login Endpoint BlogSearch.aspx sql injection

A vulnerability was found in Tiobon Employee Self-Service System up to 7.2. Affected by this vulnerability is an unknown functionality of the file /Blog/BlogSearch.aspx of the component Login Endpoint. The manipulation of the argument Keyword results in sql injection. The attack can be launched...

6.5CVSS6.3AI score0.00028EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 4 days ago6 views

CVE-2026-35250

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...

2.3CVSS7.2AI score0.00017EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 4 days ago5 views

CVE-2026-35247

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...

6CVSS7.3AI score0.0002EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 4 days ago5 views

CVE-2026-35230

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

7.5CVSS7.1AI score0.00028EPSS
Exploits0References1
NVD
NVDadded 2026/05/17 7:16 a.m.12 views

CVE-2026-8736

A security flaw has been discovered in Oinone Pamirs up to 7.2.0. This vulnerability affects the function request.getParameter of the file LocalFileClient.java of the component RestController. Performing a manipulation of the argument uniqueFileName results in path traversal. The attack may be...

4.3CVSS0.00011EPSS
Exploits0References4
NVD
NVDadded 2026/05/17 6:16 a.m.12 views

CVE-2026-8734

A vulnerability was determined in Oinone Pamirs up to 7.2.0. Affected by this issue is the function RSQLToSQLNodeConnector.makeVariable of the component queryListByWrapper Interface. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

7.5CVSS0.00037EPSS
Exploits0References4
NVD
NVDadded 2026/05/12 11:16 p.m.7 views

CVE-2026-44547

ChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, The fix for CVE-2026-4058 is incomplete. The hardening commit was merged and then silently stripped from src/api/routes/public/public-user.php by an unrelated PR before any 7.2.x tag was cut. Every shipped 7.2.x release...

9.6CVSS0.00032EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/12 12:0 a.m.8 views

PT-2026-40463

ChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, The fix for CVE-2026-4058 is incomplete. The hardening commit was merged and then silently stripped from src/api/routes/public/public-user.php by an unrelated PR before any 7.2.x tag was cut. Every shipped 7.2.x release...

9.6CVSS5.8AI score0.00032EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2026/04/29 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-35246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploi...

7.5CVSS7.4AI score0.00028EPSS
Exploits0References2
EUVD
EUVDadded 2026/04/21 9:31 p.m.3 views

EUVD-2026-24455

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

7.5CVSS5.7AI score0.00028EPSS
Exploits0References2
NVD
NVDadded 2026/04/21 9:16 p.m.1 views

CVE-2026-35251

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

7.5CVSS0.00028EPSS
Exploits0References1
NVD
NVDadded 2026/04/21 9:16 p.m.5 views

CVE-2026-35247

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...

6CVSS0.0002EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/21 8:35 p.m.1 views

CVE-2026-35251

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

7.5CVSS5.7AI score0.00028EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/21 8:35 p.m.4 views

CVE-2026-35247

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...

6CVSS5.8AI score0.0002EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2026/04/21 8:35 p.m.2 views

CVE-2026-35248

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

5CVSS7.3AI score0.00017EPSS
Exploits0
Debian CVE
Debian CVEadded 2026/04/21 8:35 p.m.3 views

CVE-2026-35249

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...

3.2CVSS7.4AI score0.00016EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2026/04/20 7:23 p.m.2 views

CVE-2026-40485

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the public API login endpoint /api/public/user/login returns distinguishable HTTP response codes based on whether a username exists: 404 for non-existent users and 401 for valid users with incorrect passwords. An...

5.3CVSS5.7AI score0.00013EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/20 7:23 p.m.1 views

CVE-2026-40593

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the User Editor UserEditor.php renders stored usernames directly into an HTML input value attribute without applying htmlspecialchars. An administrator can save a username containing HTML attribute-breaking characte...

4.8CVSS5.8AI score0.0001EPSS
Exploits0References1
Rows per page
Query Builder