Lucene search

8 matches found

EUVD
added 2026/04/16 12:31 p.m., 0 views

EUVD-2024-55545

The authentication endpoint fails to adequately validate user-supplied input before reflecting it back in the response. This allows an attacker to inject malicious script payloads into the input parameters, which are then executed by the victim's browser. Successful exploitation can enable an...

CVSS 6.1 | AI score 5.8 | EPSS 0.00013
Exploits: 0 | References: 2

GoogleProjectZero
added 2025/12/16 12:0 a.m., 15 views

Welcome to the new Project Zero Blog

Posted by Natalie Silvanovich. While on Project Zero, we aim for our research to be leading-edge, our blog design was … not so much. We welcome readers to our shiny new blog! For the occasion, we asked members of Project Zero to dust off old blog posts that never quite saw the light of day. And...

AI score 5.9
Exploits: 0

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-48709

Malicious code in bioql PyPI...

CVSS 6.3 | AI score 6.5 | EPSS 0.00131
Exploits: 0 | References: 3

RedhatCVE
added 2025/05/23 8:54 a.m., 4 views

CVE-2024-8437

The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions hooked via AJAX like wpegsettings and wpegaddgallery in all versions up to, and including, 4.8.5. This makes it possible for authenticate...

CVSS 4.3 | AI score 6.4 | EPSS 0.00133
Exploits: 0 | References: 1

Rapid7 Blog
added 2025/03/26 1:0 p.m., 8 views

Inside the Mind of the Attacker: A Conversation with Raj Samani

With Take Command 2025 just around the corner, we sat down with Raj Samani, Chief Scientist at Rapid7, for a preview of his upcoming session: Inside the Mind of an Attacker: Navigating the Threat Horizon. Raj will be joined by Trent Teyema, Founder and President at CSG Strategies and former head ...

AI score 7.3
Exploits: 0

OSV
added 2021/07/29 12:15 p.m., 0 views

CVE-2021-20505

The PowerVM Logical Partition Mobility (LPM) (PowerVM Hypervisor FW920, FW930, FW940, and FW950) encryption key exchange protocol can be compromised. If an attacker has the ability to capture encrypted LPM network traffic and is able to gain service access to the FSP they can use this information to...

CVSS 4.4 | AI score 5.8
Exploits: 0 | References: 2

OSV
added 2020/08/17 7:15 p.m., 1 views

CVE-2020-1380

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...

CVSS 7.8 | AI score 8.1 | EPSS 0.91733
Exploits: 0 | References: 3

CNVD
added 2019/01/11 12:0 a.m., 1 views

Multiple Reflective Cross-Site Scripting Vulnerabilities in Ampache

Ampache is a web-based audio/video streaming software and file manager. Multiple reflective cross-site scripting vulnerabilities exist in Ampache. An attacker can construct XSS statements and perform pop-up box operations to obtain user cookies and other information...

AI score 5.9
Exploits: 0 | References: 1