Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

CNNVD
CNNVDadded 2026/05/12 12:0 a.m.5 views

mako 路径遍历漏洞

Mako is an open-source template library written in Python by SQLAlchemy. It offers a familiar non-XML syntax, which can be compiled into Python modules for optimal performance. Prior to Mako 1.3.12, there was a path traversal vulnerability. This vulnerability stemmed from a bypass of directory...

8.7CVSS5.8AI score0.00287EPSS
Exploits1References1
OSV
OSVadded 2026/04/01 11:40 p.m.1 views

GHSA-Q56X-G2FJ-4RJ6 ONNX: TOCTOU arbitrary file read/write in save_external_dat

Summary The saveexternaldata method seems to include multiple issues introducing a local TOCTOU vulnerability, an arbitrary file read/write on any system. It potentially includes a path validation bypass on Windows systems. Regarding the TOCTOU, an attacker seems to be able to overwrite victim's...

7.1CVSS6AI score
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/12/17 8:7 a.m.1 views

CVE-2025-65319

When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software...

9.1CVSS6.8AI score0.00104EPSS
Exploits33References1
Cvelist
Cvelistadded 2025/06/26 12:0 a.m.6 views

CVE-2024-52928

Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites with previously granted permissions to add new permissions when the user clicks anywhere on the website...

9.6CVSS0.00288EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEVadded 2023/11/13 12:0 a.m.0 views

VulnCheck KEV: CVE-2023-36584

Microsoft Windows Mark of the Web MOTW contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features...

5.4CVSS7AI score0.15418EPSS
Exploits0References1
OSV
OSVadded 2022/07/28 1:15 a.m.0 views

UBUNTU-CVE-2022-2162

Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page...

8.8CVSS7.3AI score0.00401EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2022/06/28 7:58 a.m.1 views

nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

A flaw was found in the npm package "tar" aka node-tar. Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an...

8.6CVSS7.4AI score0.00085EPSS
Exploits0References6
Kitploit
Kitploitadded 2021/10/18 8:30 p.m.54 views

Inceptor - Template-Driven AV/EDR Evasion Framework

Modern Penetration testing and Red Teaming often requires to bypass common AV/EDR appliances in order to execute code on a target. With time, defenses are becoming more complex and inherently more difficult to bypass consistently. Inceptor is a tool which can help to automate great part of this...

8.1AI score
Exploits0References16
NVD
NVDadded 2002/12/31 5:0 a.m.8 views

CVE-2002-2275

Fortres 101 4.1 allows local users to bypass Fortres by pressing the Windows and "F" key together for 30 seconds, which opens multiple windows and eventually causes explorer.exe to crash, which then opens an unrestricted explorer.exe...

2.1CVSS6.4AI score0.00065EPSS
Exploits0References4
Rows per page
Query Builder