
8 matches found

CNVD
added 2026/03/17 12:0 a.m. · 1 views

Siemens SICAM SIAPP SDK Buffer Overflow Vulnerability

Siemens SICAM SIAPP SDK is a software development kit from Siemens, Germany. A buffer overflow vulnerability exists in Siemens SICAM SIAPP SDK versions prior to V2.1.7. The vulnerability stems from a client-side component that does not perform a maximum length check on certain variables before us...

5.9 CVSS · 6.3 AI score · 0.00019 EPSS
Exploits 0 · References 1
Cvelist
added 2026/03/10 4:7 p.m. · 23 views

CVE-2026-25605

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The affected application performs file deletion without properly validating the file path or target. An attacker could delete files or sockets that the affected process has permission to remove, potentially resulting in...

6.7 CVSS · 0.0002 EPSS
Exploits 0 · References 1
OSV
added 2025/12/12 3:30 p.m. · 2 views

GHSA-749J-2HP6-8CXM Apache StreamPark uses a Weak Encryption Algorithm

Weak Encryption Algorithm in StreamPark. The use of an AES cipher in ECB mode and a weak random number generator for encrypting sensitive data, including JWT tokens, may have risked exposing sensitive authentication data. This issue affects Apache StreamPark: from 2.0.0 before 2.1.7. Users are...

8.7 CVSS · 7 AI score · 0.00025 EPSS
Exploits 0 · References 5
CVE
added 2025/10/22 2:32 p.m. · 5 views

CVE-2025-59580

The CVE covers the WordPress Goodlayers Core plugin (goodlayers-core) with a Privilege Escalation due to Incorrect Privilege Assignment in versions prior to 2.1.7. The issue is classified as high severity (CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and affects the plugin by allowing privilege...

8.8 CVSS · 6.6 AI score · 0.00093 EPSS
Exploits 0 · References 1
Vulnrichment
added 2024/12/12 6:0 a.m. · 19 views

CVE-2024-9641 LuckyWP Table of Contents < 2.1.7 - Admin+ Stored XSS

The LuckyWP Table of Contents WordPress plugin before 2.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup...

5.7 AI score · 0.0017 EPSS
Exploits 1 · References 1
CNNVD
added 2024/09/02 12:0 a.m. · 3 views

GitHub Actions Toolkit Path Traversal Vulnerability

GitHub Actions Toolkit is an open source toolkit for GitHub Actions. A path traversal vulnerability exists in GitHub Actions Toolkit versions prior to 2.1.7. An attacker exploiting this vulnerability could read arbitrary files on the server running the application...

7.5 CVSS · 6.3 AI score · 0.05412 EPSS
Exploits 4 · References 8
Positive Technologies
added 2020/07/30 12:0 a.m. · 3 views

PT-2020-14779 · Nagios · Nagios Log Server

Name of the Vulnerable Software and Affected Versions: Nagios Log Server versions prior to 2.1.7 Description: A Stored XSS issue exists via the Notification Methods - Email Users menu. Recommendations: For versions prior to 2.1.7, update to version 2.1.7 or later to resolve the issue...

5.4 CVSS · 5.2 AI score · 0.06573 EPSS
Exploits 3 · References 5
NVD
added 2014/10/20 3:55 p.m. · 13 views

CVE-2012-5701

Multiple SQL injection vulnerabilities in dotProject before 2.1.7 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) searchstring or (2) where parameter in a contacts action, (3) deptid parameter in a departments action, (4) projectid parameter in a project action, or...

6.8 CVSS · 8.1 AI score · 0.02305 EPSS
Exploits 3 · References 6