Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/05/05 8:21 p.m.3 views

CVE-2026-42221

Nginx UI is a web user interface for the Nginx web server. From version 2.0.0 to before version 2.3.8, an unauthenticated network attacker can claim the initial administrator account on a fresh nginx-ui instance during the first-run setup window. The public /api/install endpoint is reachable...

9.8CVSS5.8AI score0.00096EPSS
Exploits1References1
Patchstack
Patchstackadded 2026/04/08 7:32 a.m.2 views

WordPress SQL Chart Builder plugin < 2.3.8 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by dangnosuy in WordPress Plugin SQL Chart Builder versions 2.3.8...

6.5CVSS5.9AI score0.00036EPSS
Exploits1References1Affected Software1
CNNVD
CNNVDadded 2025/10/16 12:0 a.m.1 views

Webkul Software Bagisto 安全漏洞

Webkul Software Bagisto is an open source e-commerce framework from Webkul Software, India. A security vulnerability exists in Webkul Software Bagisto versions prior to 2.3.8, which stems from incorrect handling of spreadsheet formula characters and could lead to data exfiltration and remote...

8.5CVSS6.9AI score0.00173EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/09/03 12:0 a.m.0 views

Linux Distros Unpatched Vulnerability : CVE-2015-3154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CRLF injection vulnerability in Zend\Mail ZendMail in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject...

6.1CVSS7.7AI score0.00274EPSS
Exploits1References2
Patchstack
Patchstackadded 2024/04/15 1:5 p.m.1 views

WordPress Testimonial Slider plugin < 2.3.8 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Testimonial Slider versions 2.3.8...

5.4CVSS7.6AI score0.00319EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologiesadded 2023/09/20 12:0 a.m.1 views

PT-2023-28157 · Corecode · Macupdater

Name of the Vulnerable Software and Affected Versions: CoreCode MacUpdater versions prior to 2.3.8 CoreCode MacUpdater versions 3.x prior to 3.1.2 Description: An XPC misconfiguration issue allows attackers to escalate privileges by crafting malicious .pkg files. Recommendations: For versions pri...

7.8CVSS7.7AI score0.0005EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2023/02/09 12:0 a.m.1 views

PT-2023-16507 · Cockpit · Cockpit

Name of the Vulnerable Software and Affected Versions: cockpit versions prior to 2.3.8 Description: The issue concerns a Privilege Chaining problem in the GitHub repository cockpit-hq/cockpit. Recommendations: For versions prior to 2.3.8, update to version 2.3.8 or later to resolve the issue...

8.8CVSS5.6AI score0.0013EPSS
Exploits1References8
Rows per page
Query Builder