Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CISA KEV Catalog
CISA KEV Catalogadded 2026/03/09 12:0 a.m.8 views

SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

SolarWinds Web Help Desk contain a deserialization of untrusted data vulnerability in AjaxProxy that could allow an attacker to run commands on the host machine...

9.8CVSS5.8AI score0.30526EPSS
In wildExploits1
OSV
OSVadded 2025/09/23 5:15 a.m.1 views

CVE-2025-26399

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patc...

9.8CVSS6.4AI score0.30526EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2025/09/17 12:0 a.m.1 views

PT-2025-39120

Name of the Vulnerable Software and Affected Versions SolarWinds Web Help Desk versions prior to 2026.1 Description An unauthenticated remote code execution flaw exists in the 'AjaxProxy' component of SolarWinds Web Help Desk. The issue is caused by the deserialization of untrusted data, where...

9.8CVSS8.5AI score0.30526EPSS
Exploits1References175
Zero Day Initiative
Zero Day Initiativeadded 2025/06/17 12:0 a.m.2 views

SolarWinds Web Help Desk AjaxProxy Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Web Help Desk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AjaxProxy. The issue results from the lack of proper validation of...

9.8CVSS7.2AI score0.07258EPSS
Exploits0References1
CNNVD
CNNVDadded 2022/05/20 12:0 a.m.0 views

IBM WebSphere Application Server 安全漏洞

IBM WebSphere Application Server WAS is an application server product from IBM in the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WebSphere Application Server...

5.9CVSS5.6AI score0.0024EPSS
Exploits0References6
NVD
NVDadded 2015/03/12 5:59 p.m.9 views

CVE-2015-2275

Cross-site scripting XSS vulnerability in WoltLab Community Gallery 2.0 before 2014-12-26 allows remote attackers to inject arbitrary web script or HTML via the parametersdata7title parameter in a saveImageData action to index.php/AJAXProxy...

4.3CVSS5.6AI score0.13963EPSS
Exploits4References7
Cvelist
Cvelistadded 2015/03/12 5:0 p.m.17 views

CVE-2015-2275

Cross-site scripting XSS vulnerability in WoltLab Community Gallery 2.0 before 2014-12-26 allows remote attackers to inject arbitrary web script or HTML via the parametersdata7title parameter in a saveImageData action to index.php/AJAXProxy...

5.6AI score0.13963EPSS
Exploits4References7
Rows per page
Query Builder