Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2023/07/14 9:59 p.m.26 views

GHSA-PXFV-7RR3-2QJG copyparty vulnerable to path traversal attack

Summary All versions before 1.8.2 have a path traversal vulnerability, allowing an attacker to download unintended files from the server. Details Unauthenticated users were able to retrieve any files which are accessible according to OS-level permissions from the copyparty process. Usually, this ...

8.7CVSS7.5AI score0.89933EPSS
Exploits4References7
Huntr
Huntradded 2022/09/22 6:9 p.m.21 views

Improper Cache control allows attacker to view sensitive data

Description Due to improper cache control an attacker can view sensitive information even if he is not logged into the account Proof of Concept 1 Go to https://rdiffweb-demo.ikus-soft.com/login/ and login into your account using given credentials 2 Go to...

2.1CVSS0.8AI score0.00254EPSS
Exploits1References1
CVE
CVEadded 2021/12/07 8:32 p.m.69 views

CVE-2021-28680

CVE-2021-28680 concerns the devise_masquerade gem prior to 1.3. The vulnerability allows an attacker to impersonate a target user by manipulating the session cookie and choosing the destination user, without needing that user’s password salt. This weakens a masquerading feature in deployments tha...

8.1CVSS8AI score0.00255EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder