Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/03/29 11:13 a.m.1 views

CVE-2026-33638

Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to version 4.2.0, GET /api/allusers is mounted as a public endpoint and returns user records without authentication. This allows remote unauthenticated user enumeration and exposure of user profile metadata. ...

5.3CVSS5.9AI score0.00027EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/26 8:52 p.m.1 views

CVE-2026-33638

Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to version 4.2.0, GET /api/allusers is mounted as a public endpoint and returns user records without authentication. This allows remote unauthenticated user enumeration and exposure of user profile metadata. ...

5.3CVSS5.8AI score0.00027EPSS
Exploits0References4Affected Software1
CNNVD
CNNVDadded 2025/10/30 12:0 a.m.2 views

Nagios Fusion 安全漏洞

Nagios Fusion is a centralized monitoring and visualization platform from the US-based Nagios, Inc. A security vulnerability exists in Nagios Fusion versions prior to 4.2.0, which stems from an uncleaned user input in the LDAP/AD authentication server configuration and could lead to a stored...

6.2CVSS6.1AI score0.0123EPSS
Exploits0References4
NVD
NVDadded 2025/10/22 3:16 p.m.4 views

CVE-2025-62058

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through 4.2.0...

6.5CVSS0.0003EPSS
Exploits0References1
Microsoft CVE
Microsoft CVEadded 2025/07/11 7:0 a.m.3 views

A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.

...

7.5CVSS7AI score0.00427EPSS
Exploits0
CNNVD
CNNVDadded 2025/06/02 12:0 a.m.2 views

WordPress plugin WP-Optimize 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.1CVSS6.5AI score0.00188EPSS
Exploits1References2
CNVD
CNVDadded 2018/09/20 12:0 a.m.2 views

Apache Karaf Security Bypass Vulnerability

Apache Karaf is the United States Apache Apache Software Foundation for the deployment of applications and components of a lightweight OSGi Java Dynamic Modular System container. A security vulnerability exists in Apache Karaf versions prior to 4.2.0. An attacker could exploit the vulnerability t...

9CVSS8.6AI score0.00755EPSS
Exploits0References1
Rows per page
Query Builder