
8 matches found

RedhatCVE
added yesterday, 3 views

CVE-2025-71310

The GDPR cookies module for Backdrop CMS before 1.x-1.3.5 doesn't sufficiently protect visitors from Cross Site Scripting (XSS) if a malicious value has been provided for the optional 'Info content' field for the YouTube service. This is mitigated by the fact that an attacker must have a role with...

1.8 CVSS, 5.3 AI score, 0.00057 EPSS
Exploits 0, References 1
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2009-1287

Malware in sbrugna...

4 CVSS, 6.4 AI score, 0.00208 EPSS
Exploits 1, References 6
NVD
added 2025/07/04 3:15 a.m., 5 views

CVE-2025-5953

The WP Human Resource Management plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the ajaxinsertemployee and updateempoyee functions in versions 2.0.0 through 2.2.17. The AJAX handler reads the client-supplied $_POST['role'] and, after basic cleaning via...

8.8 CVSS, 0.00344 EPSS
Exploits 0, References 5
Veracode
added 2022/12/13 5:23 a.m., 13 views

Privilege Escalation

rdiffweb is vulnerable to privilege escalation. The vulnerability exists because the library does not properly block repository access when the userroot directory is empty or a relative path, allowing an attacker to modify access roles...

9.8 CVSS, 8.8 AI score, 0.00448 EPSS
Exploits 1, References 4, Affected Software 1
Veracode
added 2022/05/06 2:28 p.m., 11 views

Privilege Escalation

ezsystems/ezplatform-kernel is vulnerable to privilege escalation. Root Location in ObjectStateLimitationType are not evaluated properly, causing the limitation of access to content based on object state to be ineffective and allowing access regardless of the object state if it is used in specifyi...

4.6 AI score
Exploits 0
NVD
added 2009/04/13 4:30 p.m., 7 views

CVE-2009-1289

private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter...

4 CVSS, 6.6 AI score, 0.00208 EPSS
Exploits 1, References 5
Prion
added 2009/04/13 4:30 p.m., 10 views

Code injection

private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter...

4 CVSS, 7.1 AI score, 0.00208 EPSS
Exploits 1, References 5, Affected Software 2
Cvelist
added 2009/04/13 4:0 p.m., 10 views

CVE-2009-1289

private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter...

6.6 AI score, 0.00208 EPSS
Exploits 1, References 5