Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2023-39809

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00458EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2025/05/30 12:0 a.m.10 views

ConnectWise ScreenConnect < 25.2.4 RCE

According to its version, the ConnectWise ScreenConnect remote access software installed on the remote host is prior to 25.2.4. It is, therefore affected by a remote code execution vulnerability: - ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection...

8.1CVSS9.4AI score0.06148EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/04/30 12:16 a.m.25 views

CVE-2023-35814

DevExpress before 23.1.3 does not properly protect XtraReport serialized data in ASP.NET web forms...

9.8CVSS7AI score0.00458EPSS
Exploits0References7
NVD
NVDadded 2025/04/28 4:15 p.m.15 views

CVE-2023-35814

DevExpress before 23.1.3 does not properly protect XtraReport serialized data in ASP.NET web forms...

9.8CVSS0.00458EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2025/04/28 12:0 a.m.9 views

CVE-2023-35814

DevExpress before 23.1.3 does not properly protect XtraReport serialized data in ASP.NET web forms...

3.5CVSS4AI score0.00458EPSS
Exploits0References5
Cvelist
Cvelistadded 2025/04/28 12:0 a.m.12 views

CVE-2023-35814

DevExpress before 23.1.3 does not properly protect XtraReport serialized data in ASP.NET web forms...

3.5CVSS0.00458EPSS
Exploits0References5
CVE
CVEadded 2025/04/28 12:0 a.m.87 views

CVE-2023-35814

DevExpress before 23.1.3 does not properly protect XtraReport serialized data in ASP.NET Web Forms. Affects DevExpress XtraReport serialization handling prior to version 23.1.3; impacts confidentiality, integrity and availability as per listed CVSS details. Remediation: upgrade to version 23.1.3 ...

9.8CVSS7AI score0.00458EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVEadded 2025/04/27 7:11 p.m.18 views

CVE-2025-3935

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...

8.1CVSS8AI score0.06148EPSS
Exploits0References1
CVE
CVEadded 2025/04/25 6:27 p.m.299 views

CVE-2025-3935

CVE-2025-3935 affects ScreenConnect 25.2.3 and earlier, where ViewState code injection can enable remote code execution if machine keys are compromised. The vulnerability stems from platform-level ViewState handling in ASP.NET Web Forms rather than a ScreenConnect flaw. ScreenConnect 2025.4 patch...

8.1CVSS8.5AI score0.06148EPSS
In wildExploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2022/10/18 12:0 a.m.9 views

CVE-2022-41479

The DevExpress Resource Handler ASPxHttpHandlerModule in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. This leads to an Insecure Direct Object References IDOR vulnerability which allows attackers to access the application...

7.6AI score0.00385EPSS
Exploits1References3
Rows per page
Query Builder