
9 matches found

Cvelist
added 2026/01/08 12:0 a.m., 18 views

CVE-2025-66916

The snailjob component in RuoYi-Vue-Plus versions 5.5.1 and earlier, interface /snail-job/workflow/check-node-expression can execute QLExpress expressions, but it does not filter user input, allowing attackers to use the File class to perform arbitrary file reading and writing...

EPSS 0.00084
Exploits: 1, References: 3
CVE
added 2025/10/16 4:7 p.m., 19 views

CVE-2024-56143

Strapi 5.0.0–5.5.1 is vulnerable due to improper sanitization of the document service lookup operator for private fields, enabling an attacker to access sensitive data (e.g., admin passwords, reset tokens). The issue is fixed in Strapi 5.5.2. Affected software, root cause, and impact are corrobor...

CVSS 8.2, AI score 6.4, EPSS 0.00023
Exploits: 1, References: 2, Affected Software: 1
CNNVD
added 2025/01/07 12:0 a.m., 2 views

ClipBucket code issue vulnerability

ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A security vulnerability exists in ClipBucket V5 5.5.1 - 238 and prior versions, which stems from an incorrect check in the file upload functionality that could allow a...

CVSS 9.8, AI score 6.6, EPSS 0.32914
Exploits: 1, References: 3
vulnersOsv
added 2024/02/21 12:9 a.m., 3 views

antimatter (=0.1.3), arcaflow-plugin-sdk (=0.13.0) +3 more potentially affected by CVE-2024-26134 via cbor2 (>=5.5.1 <=5.6.1)

cbor2 PYPI version =5.5.1, =0.1.0, =1.20.0, =0.0.2, =0.0.6 Source cves: CVE-2024-26134 Source advisory: OSV:GHSA-375G-39JQ-VQ7M...

CVSS 7.5, AI score 7.1, EPSS 0.01094
Exploits: 1
Positive Technologies
added 2024/02/19 12:0 a.m., 2 views

PT-2024-21293

Name of the Vulnerable Software and Affected Versions: cbor2 versions 5.5.1 through 5.6.2. Description: The issue concerns a denial-of-service vulnerability in cbor2, which provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. An attacker can crash a...

CVSS 7.5, AI score 7.7, EPSS 0.01094
Exploits: 2, References: 37
ATTACKERKB
added 2022/07/11 1:15 a.m., 1 views

CVE-2022-31472

Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet...

CVSS 4.3, AI score 5.5, EPSS 0.00151
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2022/07/04 7:15 a.m., 3 views

CVE-2022-28692

Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Scheduler...

CVSS 4.3, AI score 6.1, EPSS 0.00151
Exploits: 0, References: 2
Prion
added 2021/10/12 4:15 p.m., 20 views

Cross site request forgery (csrf)

Puma is an HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using puma with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smuggling. A client could smuggle a request through a proxy, causing the proxy to send a...

CVSS 3.6, AI score 4.8, EPSS 0.00288
Exploits: 0, References: 5, Affected Software: 2
OSV
added 2018/12/12 8:29 p.m., 2 views

CVE-2018-6705

Privilege escalation vulnerability in McAfee Agent MA for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions...

CVSS 7.8, AI score 6, EPSS 0.00036
Exploits: 0, References: 2