
7 matches found

EUVD
added 2026/02/26 10:15 p.m., 3 views

EUVD-2026-8906

wger: IDOR via user-unscoped cache keys on routine API actions exposes workout data...

3.1 CVSS, 5.3 AI score, 0.00036 EPSS
Exploits: 1, References: 2
NCSC
added 2026/02/11 11:45 a.m., 4 views

Vulnerabilities fixed in GitLab CE/EE

GitLab has fixed vulnerabilities in GitLab CE/EE, specifically for versions prior to 18.6.6, 18.7.4, and 18.8.4. The vulnerabilities include server-side request forgery, unauthorized access to internal network services, injection of malicious content, unauthorized actions via the GLQL API,...

9.1 CVSS, 5.6 AI score, 0.00092 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2025/05/28 12:0 a.m., 1 views

PT-2025-23137 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions prior to v2.13.8; Argo CD versions prior to v2.14.13; Argo CD versions prior to v3.0.4. Description: This issue allows an attacker to perform arbitrary actions on behalf of the victim via the API, such as creating, modifying, an...

9 CVSS, 8.6 AI score, 0.00067 EPSS
Exploits: 0, References: 25
RedhatCVE
added 2025/05/23 5:38 a.m., 2 views

CVE-2023-26447

The "upsell" widget for the portal allows specifying a product description. This description, taken from a user-controllable jslob, was not escaped before being added to the DOM. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering...

5.4 CVSS, 6.9 AI score, 0.00105 EPSS
Exploits: 0, References: 1
OSV
added 2024/06/24 3:15 a.m., 1 views

CVE-2024-4499

A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. The vulnerability allows attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage, which can then trigger arbitrary LoLLMS-XTTS...

6.3 CVSS, 5.9 AI score
Exploits: 0, References: 1
CNNVD
added 2021/06/22 12:0 a.m., 3 views

Palo Alto Networks Cortex XSOAR Security Vulnerability

Palo Alto Networks Cortex XSOAR is a software application from Palo Alto Networks, Inc. It provides a security orchestration, automation, and response platform with threat intelligence management and a built-in marketplace. A security vulnerability exists in Palo Alto Networks Cortex XSOAR, which...

9.8 CVSS, 8.3 AI score, 0.00357 EPSS
Exploits: 0, References: 3
RedHat Linux
added 2016/02/18 4:41 p.m., 28 views

Moderate: Red Hat Security Advisory: openstack-heat bug fix and security advisory

Updated openstack-heat packages that fix one security issue and resolve various bugs are now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS...

5.5 CVSS, 6 AI score, 0.01217 EPSS
Exploits: 0, References: 15