Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

AlpineLinux
AlpineLinuxadded 2026/04/24 4:54 p.m.2 views

CVE-2026-41079

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

5.4CVSS5.4AI score0.00016EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/08/13 5:26 p.m.1 views

CVE-2025-8770 Authorization Bypass Through User-Controlled Key in GitLab

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers...

6.5CVSS6.6AI score0.00025EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:57 a.m.5 views

CVE-2024-21902

An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the...

8.1CVSS6.6AI score0.00482EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 2:59 a.m.1 views

CVE-2023-1371

The W4 Post List WordPress plugin before 2.4.6 does not ensure that password protected posts can be accessed before displaying their content, which could allow any authenticated users to access them...

6.5CVSS6.7AI score0.00426EPSS
Exploits2References1
Positive Technologies
Positive Technologiesadded 2024/12/20 12:0 a.m.2 views

PT-2024-16969 · WordPress · Spotlight

Name of the Vulnerable Software and Affected Versions: Spotlightr plugin for WordPress versions up to, and including, 0.1.9 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'spotlightr-v' shortcode due to insufficient input sanitization and output escaping on...

6.4CVSS7.9AI score0.00233EPSS
Exploits0References8
Vulnrichment
Vulnrichmentadded 2022/12/26 12:0 a.m.6 views

CVE-2021-39369

In Philips formerly Carestream Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root...

6.4AI score0.00419EPSS
Exploits0References3
OSV
OSVadded 2022/03/03 10:15 p.m.0 views

UBUNTU-CVE-2022-23708

A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index...

4.3CVSS5.8AI score0.00245EPSS
Exploits0References3
OSV
OSVadded 2020/11/16 5:15 p.m.1 views

CVE-2020-4671

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 stores potentially sensitive information in log files that could be read by an authenticatedl user. IBM X-Force ID: 186284...

6.5CVSS6.6AI score
Exploits0References2
Rows per page
Query Builder