Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2026/03/25 11:16 a.m.2 views

CVE-2026-23365

In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

5.5CVSS0.00031EPSS
Exploits0References8
OSV
OSVadded 2026/03/25 11:16 a.m.2 views

UBUNTU-CVE-2026-23365

In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

5.5CVSS5.8AI score0.00031EPSS
Exploits0References9
Cvelist
Cvelistadded 2026/03/25 10:27 a.m.20 views

CVE-2026-23312 net: usb: kaweth: validate USB endpoints

In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: validate USB endpoints The kaweth driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

0.00037EPSS
Exploits0References8
OSV
OSVadded 2023/10/24 4:45 p.m.15 views

GO-2023-2114 Cross-site scripting via missing binding syntax validation in github.com/crewjam/saml

The package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the ACS endpoint definition, achieving Cross-Site-Scripting XSS in the IdP context durin...

7.1CVSS6AI score0.00285EPSS
Exploits0References2
OSV
OSVadded 2023/10/17 2:20 p.m.15 views

GHSA-267V-3V32-G6Q5 Cross-site Scripting via missing Binding syntax validation

Impact The package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the ACS endpoint definition, achieving Cross-Site-Scripting XSS in the IdP contex...

7.1CVSS6AI score0.00285EPSS
Exploits0References4
Cvelist
Cvelistadded 2023/10/16 6:13 p.m.11 views

CVE-2023-45683 Cross site scripting via missing binding syntax validation In ACS location in github.com/crewjam/saml

github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the...

7.1CVSS6.8AI score0.00285EPSS
Exploits0References2
CNNVD
CNNVDadded 2021/12/14 12:0 a.m.2 views

Seafile 安全漏洞

Seafile is an open source enterprise cloud disk from Haven Hootsuite Network Technologies. The product features Markdown WYSIWYG editing, Wiki, file labeling, and more. Seafile has a security vulnerability that stems from the use of synchronization tokens in the Seafile file synchronization...

7.4CVSS6AI score0.00306EPSS
Exploits0References2
Rows per page
Query Builder