Lucene search

9794 matches found

NVD
added 2026/04/16 11:16 a.m. | 7 views

CVE-2025-12624

Active access tokens are not revoked or invalidated when a user account is locked within WSO2 Identity Server. This failure to enforce revocation allows previously issued, valid tokens to remain usable, enabling continued access to protected resources by locked user accounts. The security...

CVSS 6 | EPSS 0.00177
Exploits 0 | References 1

RedhatCVE
added 2026/04/16 1:22 a.m. | 4 views

CVE-2026-33714

Chamilo is an open-source learning management system (LMS). Version 2.0.0-RC.2 contains a SQL Injection vulnerability in the statistics AJAX endpoint, which is an incomplete fix for CVE-2026-30881. While CVE-2026-30881 was patched by applying Security::removeXSS to the datestart and dateend...

CVSS 7.2 | AI score 6 | EPSS 0.00258
Exploits 0 | References 1

RedhatCVE
added 2026/04/15 7:24 p.m. | 6 views

CVE-2026-33708

Chamilo LMS is a learning management system. Prior to 1.11.38, the getuserinfofromusername REST API endpoint returns personal information (email, first name, last name, user ID, active status) of any user to any authenticated user, including students. There is no authorization check. This...

CVSS 6.5 | AI score 5.8 | EPSS 0.00209
Exploits 0 | References 1

RedhatCVE
added 2026/04/15 7:24 p.m. | 6 views

CVE-2026-32072

Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally...

CVSS 6.2 | AI score 6.2 | EPSS 0.00287
Exploits 0 | References 1

RedhatCVE
added 2026/04/15 7:24 p.m. | 3 views

CVE-2026-33826

Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network...

CVSS 8 | AI score 5.9 | EPSS 0.00535
Exploits 2 | References 1

Tenable Nessus
added 2026/04/15 12:0 a.m. | 6 views

Tripp Lite Active Devices Detection

The current plugin identifies Tripp Lite devices that are still under active support. Tripp Lite Lifecycle Statuses:
- Active: Product is currently available and supported.
- Discontinued: Product no longer manufactured or procured.
...

AI score 5.5
Exploits 0 | References 1

Snyk
added 2026/04/14 11:39 p.m. | 5 views

Insufficient Session Expiration

Overview: pyload-ng is the free and open-source Download Manager written in pure Python. Affected versions of this package are vulnerable to Insufficient Session Expiration due to improper session management when user permissions are changed. An attacker can retain unauthorized access to resource...

CVSS 6.3 | AI score 5.8
Exploits 0 | References 2

Snyk
added 2026/04/14 10:49 p.m. | 3 views

Active Debug Code

Overview: wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Active Debug Code via the git.json.php script, which executes a shell command and returns sensitive information as JSON to any unauthenticated user. An attacker ca...

CVSS 6.9 | AI score 5.8
Exploits 0 | References 2

Vulnrichment
added 2026/04/14 9:0 p.m. | 3 views

CVE-2026-33714 Chamilo LMS has Authenticated SQL Injection in statistics.ajax.php users_active action (2.0 RC2)

Chamilo is an open-source learning management system (LMS). Version 2.0.0-RC.2 contains a SQL Injection vulnerability in the statistics AJAX endpoint, which is an incomplete fix for CVE-2026-30881. While CVE-2026-30881 was patched by applying Security::removeXSS to the datestart and dateend...

CVSS 7.1 | AI score 6 | EPSS 0.00258
Exploits 0 | References 2

Cvelist
added 2026/04/14 9:0 p.m. | 17 views

CVE-2026-33714 Chamilo LMS has Authenticated SQL Injection in statistics.ajax.php users_active action (2.0 RC2)

Chamilo is an open-source learning management system (LMS). Version 2.0.0-RC.2 contains a SQL Injection vulnerability in the statistics AJAX endpoint, which is an incomplete fix for CVE-2026-30881. While CVE-2026-30881 was patched by applying Security::removeXSS to the datestart and dateend...

CVSS 7.1 | EPSS 0.00258
Exploits 0 | References 2

CVE
added 2026/04/14 9:0 p.m. | 16 views

CVE-2026-33714

Chamilo LMS versions 2.0.0-RC.2 are affected by a SQL injection in the statistics AJAX endpoint (public/main/inc/ajax/statistics.ajax.php) where unsanitized parameters date_start and date_end in the users_active action interpolate into SQL. This follows an incomplete fix for CVE-2026-30881, which...

CVSS 7.2 | AI score 6 | EPSS 0.00258
Exploits 0 | References 2 | Affected Software 1

EUVD
added 2026/04/14 6:30 p.m. | 5 views

EUVD-2026-22645

Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network...

CVSS 8 | AI score 5.9 | EPSS 0.00535
Exploits 2 | References 2

EUVD
added 2026/04/14 6:30 p.m. | 4 views

EUVD-2026-22497

Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally...

CVSS 6.2 | AI score 5.7 | EPSS 0.00287
Exploits 0 | References 2

NVD
added 2026/04/14 6:17 p.m. | 5 views

CVE-2026-33826

Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network...

CVSS 8 | EPSS 0.00535
Exploits 2 | References 1

NVD
added 2026/04/14 6:17 p.m. | 2 views

CVE-2026-32072

Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally...

CVSS 6.2 | EPSS 0.00287
Exploits 0 | References 1

Vulnrichment
added 2026/04/14 4:58 p.m. | 2 views

CVE-2026-32072 Active Directory Spoofing Vulnerability

...

CVSS 6.2 | AI score 5.8 | EPSS 0.00287
Exploits 0 | References 1

Cvelist
added 2026/04/14 4:58 p.m. | 31 views

CVE-2026-32072 Active Directory Spoofing Vulnerability

...

CVSS 6.2 | EPSS 0.00287
Exploits 0 | References 1

CVE
added 2026/04/14 4:58 p.m. | 24 views

CVE-2026-32072

CVE-2026-32072 corresponds to an unauthenticated spoofing vulnerability in Windows Active Directory (local access). The Red Hat and NCSC entries corroborate the flaw as an AD authentication issue with local spoofing potential. Public documentation lists this CVE under Windows Active Directory wit...

CVSS 6.2 | AI score 5.7 | EPSS 0.00287
Exploits 0 | References 1 | Affected Software 13

Cvelist
added 2026/04/14 4:57 p.m. | 26 views

CVE-2026-33826 Windows Active Directory Remote Code Execution Vulnerability

...

CVSS 8 | EPSS 0.00535
Exploits 2 | References 1

Vulnrichment
added 2026/04/14 4:57 p.m. | 4 views

CVE-2026-33826 Windows Active Directory Remote Code Execution Vulnerability

...

CVSS 8 | AI score 5.8 | EPSS 0.00535
Exploits 2 | References 1