Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2026/03/16 12:0 a.m.3 views

Forgejo 安全漏洞

Forgejo is a lightweight Git service. Forgejo versions 13.0.3 and earlier have security vulnerabilities; these vulnerabilities stem from the attachment component allowing the upload of files that can exceed several GB in size, which may lead to denial-of-service attacks...

6.5CVSS5.8AI score0.0002EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/04/15 12:0 a.m.2 views

Oracle iSupplier Portal 安全漏洞

Oracle iSupplier Portal Oracle iSP is a secure self-service tool from Oracle Corporation USA. A security vulnerability exists in Oracle iSupplier Portal versions 12.2.7 through 12.2.14, which stems from a flaw in an attachment component that could lead to the disclosure of critical data...

6.5CVSS7.2AI score0.00443EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2025/04/10 12:0 a.m.1047 views

CVE-2024-58136

Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025. Recent assessments: chutton-r7 at May 11, 2025 1:58pm UTC reported: On the April 9 2025, Yii released an advisory...

10CVSS9.4AI score0.93094EPSS
In wildExploits15References6
ATTACKERKB
ATTACKERKBadded 2022/08/11 3:15 p.m.4 views

CVE-2022-20250

In Messaging, there is a possible way to attach files to a message without proper access checks due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

7.8CVSS7.2AI score0.00016EPSS
Exploits0References2
Prion
Prionadded 2021/02/03 4:15 p.m.14 views

Design/Logic Flaw

In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments...

5CVSS7.5AI score0.00006EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2018/08/21 11:29 p.m.18 views

Design/Logic Flaw

An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The "send" command in the airmail:// URL scheme allows an external application to send arbitrary emails from an active account. URL parameters for the "send" command with the "attachment" prefix designate attachment parameters. If the...

5CVSS5.5AI score0.00295EPSS
Exploits0References1Affected Software1
CNVD
CNVDadded 2016/02/23 12:0 a.m.2 views

Ipswitch MOVEit DMZ and MOVEit Mobile File Read Vulnerabilities

Ipswitch MOVEit is an automated file transfer system from Ipswitch USA. DMZ and Mobile are among the versions. Ipswitch MOVEit DMZ and MOVEit Mobile have a security vulnerability in the 'Send as attachment' function due to the mobile/sendMsg URI failing to adequately filter the ' serverFileIds'...

6.5CVSS7.2AI score0.00008EPSS
Exploits3References1
RubySec
RubySecadded 2013/10/29 12:0 a.m.18 views

Sup wrongly handled the filename of attachments

Sup MUA contains a flaw that is triggered when handling email attachment content. This may allow a context-dependent attacker to execute arbitrary commands...

6.8CVSS7.4AI score0.004EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder