Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

CNNVD
CNNVDadded 2026/04/01 12:0 a.m.2 views

OpenViking 安全漏洞

OpenViking is an open-source artificial intelligence proxy context database developed by Volcengine. Versions of OpenViking prior to 0.2.14 contained security vulnerabilities. These vulnerabilities stemmed from a lack of authentication in the bot proxy router, allowing unauthorized attackers to...

6.9CVSS5.8AI score0.00089EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/02/27 12:0 a.m.3 views

WeGIA 安全漏洞

WeGIA is a network manager for welfare institutions developed by Nilson Lazarin as an individual project. Versions of WeGIA prior to 3.6.5 contained security vulnerabilities. These vulnerabilities stemmed from the adicionartipodocsatendido.php script not being processed through a central...

9.8CVSS5.8AI score0.00038EPSS
Exploits1References2
Imperva Blog
Imperva Blogadded 2025/12/03 9:40 a.m.5 views

’Tis the Season to Be Cyber-Wary: How Thales Protects Against Account Takeover During Peak Shopping Season

The holiday shopping season is the busiest time of year for online retailers, and increasingly the most dangerous. As traffic surges and customers rush to place orders, cybercriminals use the distraction and volume to blend in. Account Takeover ATO attacks spike sharply in November and December,...

7.1AI score
Exploits0
Wallarm Lab
Wallarm Labadded 2025/10/29 11:0 a.m.3 views

API Attack Awareness: Business Logic Abuse — Exploiting the Rules of the Game

As Cybersecurity Awareness Month continues, we wanted to dive even deeper into the attack methods affecting APIs. We’ve already reviewed Broken Object Level Authentication BOLA, injection attacks, and authentication flaws; this week, we’re exploring business logic abuse BLA. Unlike technical flaw...

8AI score
Exploits0
CNNVD
CNNVDadded 2024/08/19 12:0 a.m.1 views

WordPress plugin Icegram 访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An access control...

5.3CVSS6.9AI score0.00245EPSS
Exploits0References2
The Hacker News
The Hacker Newsadded 2018/06/21 11:25 a.m.2 views

Thousands of Mobile Apps Expose Their Unprotected Firebase Hosted Databases

Mobile security researchers have discovered unprotected Firebase databases of thousands of iOS and Android mobile applications that are exposing over 100 million data records, including plain text passwords, user IDs, location, and in some cases, financial records such as banking and cryptocurren...

7.2AI score
Exploits0
Rows per page
Query Builder