
9 matches found

Vulnrichment
added 2026/03/16 8:46 p.m. | 2 views

CVE-2026-29522 ZwickRoell Test Data Management < 3.0.8 Path Traversal LFI

ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion (LFI) vulnerability in the /server/nodeupgradesrv.js endpoint. An unauthenticated attacker can supply directory traversal sequences via the firmware parameter to access arbitrary files on the server, leading to...

CVSS 8.7 | AI score 5.9 | EPSS 0.00149
Exploits: 0 | References: 2

EUVD
added 2025/10/22 3:31 p.m. | 3 views

EUVD-2025-35383

Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch. This issue affects JobSearch: from n/a through 3.0.8...

AI score 6.5 | EPSS 0.00097
Exploits: 0 | References: 2

CNNVD
added 2025/10/08 12:0 a.m. | 4 views

Flowise path traversal vulnerability

Flowise is a FlowiseAI open source tool for easily building LLM applications. A path traversal vulnerability exists in versions prior to Flowise 3.0.8, which stems from unrestricted file path access in WriteFileTool and ReadFileTool, and could lead to arbitrary file reads and writes and remote...

CVSS 9.9 | AI score 6.9 | EPSS 0.01058
Exploits: 1 | References: 4

Patchstack
added 2025/10/03 10:21 a.m. | 5 views

WordPress JobSearch plugin < 3.0.8 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by ? in WordPress Plugin JobSearch versions 3.0.8...

CVSS 9.8 | AI score 7.3 | EPSS 0.00097
Exploits: 0 | Affected Software: 1

CNNVD
added 2025/03/27 12:0 a.m. | 2 views

tar-fs security vulnerability

tar-fs is a tar-stream file system bundle. A security vulnerability exists in tar-fs versions prior to 1.16.4, prior to 2.1.2, and prior to 3.0.8, which originates from path traversal when decompressing a malicious tar file...

CVSS 7.5 | AI score 7.5 | EPSS 0.00806
Exploits: 2 | References: 4

OSV
added 2022/02/10 8:38 p.m. | 1 views

GHSA-3CQR-58RM-57F8 Arbitrary Code Execution in Handlebars

Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars...

CVSS 8.1 | AI score 7.5 | EPSS 0.00343
Exploits: 1 | References: 7

Cvelist
added 2021/08/09 8:48 p.m. | 22 views

CVE-2021-38305

23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. The schema parser uses eval as part of its processing, and tries to protect from malicious expressions by limiting the builtins that are passed to the eval. When processing the schema, each li...

AI score 8.1 | EPSS 0.0086
Exploits: 0 | References: 2

ATTACKERKB
added 2021/03/23 4:17 p.m. | 0 views

CVE-2021-23362

The package hosted-git-info before 3.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity...

CVSS 5.3 | AI score 5.3 | EPSS 0.00554
Exploits: 1 | References: 8

UbuntuCve
added 2013/10/10 12:55 a.m. | 16 views

CVE-2013-2138

The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a replay attack...

CVSS 7.5 | AI score 5.9 | EPSS 0.01207
Exploits: 0 | References: 2