7 matches found

NVD
added 6 days ago · 9 views

CVE-2026-48089

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public assets, any authenticated user — including users from a different organization with no membership or role in the affected org/project — can create,...

CVSS 7.1 · EPSS 0.00235
Exploits: 0 · References: 2
Cvelist
added 6 days ago · 20 views

CVE-2026-48089 DevGuard has improper authorization on public assets

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public assets, any authenticated user — including users from a different organization with no membership or role in the affected org/project — can create,...

CVSS 7.1 · EPSS 0.00235
Exploits: 0 · References: 2
CNNVD
added 2026/06/10 12:0 a.m. · 9 views

Debusine security vulnerability

Debusine is a software supply chain management platform for the Debian community, focused on package building, testing, analysis, and distribution. There is a security vulnerability in Debusine, which stems from the lack of permission checks performed on endpoints related to the creation and...

CVSS 6.5 · AI score 5.3 · EPSS 0.00199
Exploits: 0 · References: 2
RedhatCVE
added 2025/05/23 5:17 a.m. · 4 views

CVE-2023-30619

Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force a victim to execute...

CVSS 5.4 · AI score 6.9 · EPSS 0.00473
Exploits: 0 · References: 1
CNNVD
added 2024/12/09 12:0 a.m. · 3 views

Enalean Tuleap cross-site scripting vulnerability

Enalean Tuleap is a free and open source tool from the French company Enalean for end-to-end traceability of application and system development. A cross-site scripting vulnerability exists in Enalean Tuleap Community Edition prior to 16.1.99.50 and Enalean Tuleap Enterprise Edition prior to 16.1...

CVSS 5.4 · AI score 6.1 · EPSS 0.00307
Exploits: 1 · References: 5
Positive Technologies
added 2024/12/09 12:0 a.m. · 5 views

PT-2024-35395 · Unknown · Tuleap Community Edition +1

Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.1.99.50; Tuleap Enterprise Edition versions prior to 16.1-4; Tuleap Enterprise Edition versions prior to 16.0-7. Description: A malicious user with the ability to create an artifact in a tracker with...

CVSS 5.4 · AI score 7.4 · EPSS 0.00307
Exploits: 1 · References: 9
CVE
added 2023/07/25 5:30 p.m. · 50 views

CVE-2023-35929

Tuleap CVE-2023-35929 is a cross-site scripting vulnerability in card fields of the kanban and PV2 apps. The issue occurs when content displayed in card fields is not properly escaped, allowing a malicious user who can create an artifact or edit a card-field to cause script execution. Affected ve...

CVSS 5.4 · AI score 5.5 · EPSS 0.00397
Exploits: 0 · References: 4 · Affected Software: 1