
70 matches found

RedhatCVE
added 2026/01/09 12:31 p.m. · 7 views

CVE-2023-4933

The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled...

5.3 CVSS · 6.6 AI score · 0.00128 EPSS
Exploits 2 · References 1

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2017-11020

Malware in sbrugna...

9.8 CVSS · 9.2 AI score · 0.0325 EPSS
Exploits 1 · References 9

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2006-2099

Malware in sbrugna...

7.5 CVSS · 6.4 AI score · 0.00636 EPSS
Exploits 0 · References 3

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2007-5953

Malware in sbrugna...

4.3 CVSS · 6.4 AI score · 0.07657 EPSS
Exploits 0 · References 8

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2005-2164

Malware in sbrugna...

4.3 CVSS · 6.4 AI score · 0.04173 EPSS
Exploits 1 · References 4

OSV
added 2023/11/06 9:15 p.m. · 1 view

CVE-2023-4930

The Front End PM WordPress plugin before 11.4.3 does not block listing the contents of the directories where it stores attachments to private messages, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled...

6.5 CVSS · 7.3 AI score
Exploits 0 · References 1

Cvelist
added 2023/11/06 8:41 p.m. · 12 views

CVE-2023-4930 Front End PM < 11.4.3 - Sensitive Data Exposure via Directory Listing

The Front End PM WordPress plugin before 11.4.3 does not block listing the contents of the directories where it stores attachments to private messages, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled...

6.5 AI score · 0.00096 EPSS
Exploits 2 · References 1

Positive Technologies
added 2023/11/06 12:0 a.m. · 2 views

PT-2023-31160 · WordPress · Front End Pm

Name of the Vulnerable Software and Affected Versions: Front End PM WordPress plugin versions prior to 11.4.3 Description: The issue allows unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled, due to the plugin not blocking the...

6.5 CVSS · 6.8 AI score · 0.00096 EPSS
Exploits 2 · References 4

OSV
added 2023/10/16 8:15 p.m. · 0 views

CVE-2023-4933

The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled...

5.3 CVSS · 7.3 AI score · 0.00128 EPSS
Exploits 2 · References 1

Positive Technologies
added 2023/10/16 12:0 a.m. · 2 views

PT-2023-31170 · WordPress · Wp Job Openings

Name of the Vulnerable Software and Affected Versions: WP Job Openings WordPress plugin versions prior to 3.4.3 Description: The issue allows unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled, due to the plugin not blocking the...

5.3 CVSS · 5.9 AI score · 0.00128 EPSS
Exploits 2 · References 7

WPVulnDB
added 2023/10/16 12:0 a.m. · 11 views

Front End PM < 11.4.3 - Sensitive Data Exposure via Directory Listing

Description: The plugin does not block listing the contents of the directories where it stores attachments to private messages, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled. PoC...

6.5 CVSS · 6.4 AI score · 0.00096 EPSS
Exploits 2 · Affected Software 1

WPVulnDB
added 2023/09/25 12:0 a.m. · 19 views

WP Job Openings < 3.4.3 - Sensitive Data Exposure via Directory Listing

Description: The plugin does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled. PoC...

5.3 CVSS · 5.3 AI score · 0.00128 EPSS
Exploits 2 · References 1 · Affected Software 1

SUSE CVE
added 2023/02/15 6:11 a.m. · 3 views

SUSE CVE-2007-4465

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1 CVSS · 6 AI score · 0.02883 EPSS
Exploits 0 · References 7

SUSE CVE
added 2023/02/15 5:54 a.m. · 1 view

SUSE CVE-2011-0419

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...

4.3 CVSS · 6.5 AI score · 0.48782 EPSS
Exploits 5 · References 4

SUSE CVE
added 2023/02/15 4:35 a.m. · 1 view

SUSE CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

9.8 CVSS · 7.5 AI score · 0.0325 EPSS
Exploits 1 · References 3

Tenable Nessus
added 2021/09/14 12:0 a.m. · 61 views

EulerOS 2.0 SP2 : nginx (EulerOS-SA-2021-2412)

According to the versions of the nginx package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause...

9.8 CVSS · 8.2 AI score · 0.73544 EPSS
Exploits 11 · References 3

OSV
added 2021/06/06 10:15 p.m. · 36 views

CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

9.8 CVSS · 9.7 AI score
Exploits 0 · References 6

OSV
added 2021/06/06 10:15 p.m. · 1 view

DEBIAN-CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

9.8 CVSS · 9.6 AI score · 0.0325 EPSS
Exploits 1 · References 1

UbuntuCve
added 2021/06/06 10:15 p.m. · 155 views

CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

9.8 CVSS · 7.4 AI score · 0.0325 EPSS
Exploits 1 · References 7

OSV
added 2021/06/06 10:15 p.m. · 0 views

UBUNTU-CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

9.8 CVSS · 7.6 AI score · 0.0325 EPSS
Exploits 1 · References 8