Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5152 matches found

Nuclei
Nucleiadded yesterday30 views

Uniview NVR301-04S2-P4 - Cross-Site Scripting

Uniview NVR301-04S2-P4 contains a reflected cross-site scripting vulnerability via the PATH of LAPI. CISA and Uniview state that this vulnerability needs to be authenticated. This is incorrect. Any PATH payload can cause XSS. A submission to Mitre has been sent to update the verbiage in the findi...

5.4CVSS5.6AI score0.009EPSS
Exploits0References2
Nuclei
Nucleiadded 5 days ago79 views

EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution

EyesOfNetwork 5.1 to 5.3 contains SQL injection and remote code execution vulnerabilities. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. See also CVE-2020-8655,...

9.8CVSS9.2AI score0.91874EPSS
Exploits13References5
The Hacker News
The Hacker Newsadded 6 days ago11 views

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor JCE to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as...

10CVSS6.2AI score0.06854EPSS
Exploits10
Nuclei
Nucleiadded 2026/06/16 7:13 a.m.27 views

SolarWinds Security Event Manager - Unauthenticated RCE

The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution. id: CVE-2024-0692 info: name: SolarWinds Security Event Manager - Unauthenticated RCE...

8.8CVSS8.6AI score0.91557EPSS
Exploits1References1
ICS
ICSadded 2026/05/28 6:0 a.m.11 views

XCharge C6

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to gain administrator rights or execute code on the affected device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities...

6.3AI score
Exploits0References13
Circl
Circladded 2026/05/26 5:0 a.m.10 views

CVE-2023-46814

creationtimestamp| type| source ---|---|--- 2026-05-26 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-146-05...

7.8CVSS7.1AI score0.00281EPSS
Exploits0References1
Circl
Circladded 2026/05/26 5:0 a.m.6 views

CVE-2019-5459

creationtimestamp| type| source ---|---|--- 2026-05-26 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-146-05...

7.1CVSS7.1AI score0.02812EPSS
Exploits1References1
Circl
Circladded 2026/05/26 5:0 a.m.7 views

CVE-2019-5460

creationtimestamp| type| source ---|---|--- 2026-05-26 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-146-05...

5.5CVSS6.8AI score0.02528EPSS
Exploits1References1
Circl
Circladded 2026/05/21 5:0 a.m.5 views

CVE-2016-6153

creationtimestamp| type| source ---|---|--- 2026-05-21 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-03...

5.9CVSS6.6AI score0.00492EPSS
Exploits0References1
Circl
Circladded 2026/05/21 5:0 a.m.4 views

CVE-2015-3416

creationtimestamp| type| source ---|---|--- 2026-05-21 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-03...

7.5CVSS6.6AI score0.05531EPSS
Exploits0References1
Circl
Circladded 2026/05/21 5:0 a.m.3 views

CVE-2015-6607

creationtimestamp| type| source ---|---|--- 2026-05-21 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-03...

6.8CVSS6.8AI score0.01554EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/20 12:0 a.m.9 views

PT-2026-42146

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.4 Description An issue exists where the Symbol.for override in setup-sandbox.js only intercepts a small portion of dangerous Node.js cross-realm symbols. This is compounded by the bridge's set, defineProperty, and...

8.7CVSS5.2AI score0.00442EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/05/20 12:0 a.m.10 views

PT-2026-42147

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.4 Description A security check in nodevm.js designed to block the combination of nesting: true and require: false is bypassed because it uses strict equality options.require === false. If the require option is omitte...

10CVSS6AI score0.00705EPSS
Exploits0References12
Circl
Circladded 2026/05/19 5:0 a.m.7 views

CVE-2026-8603

creationtimestamp| type| source ---|---|--- 2026-05-19 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-03 2026-05-19 20:16:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mma7gqdcuo2c 2026-06-22 01:32:05+00:00| seen|...

9.8CVSS5.8AI score0.01317EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletinsadded 2026/05/18 8:53 p.m.14 views

Security Bulletin: glibc vulnerability

Summary Prior versions of Classic Remote Capture may include this vulnerability. Vulnerability Details CVEID:CVE-2025-15281 DESCRIPTION: Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized...

7.5CVSS6.9AI score0.00286EPSS
Exploits0Affected Software1
Krebs on Security
Krebs on Securityadded 2026/05/18 8:48 p.m.14 views

CISA Admin Leaked AWS GovCloud Keys on Github

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency CISA maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive...

5.8AI score
Exploits0
Information Security Automation
Information Security Automationadded 2026/05/14 10:0 a.m.8 views

About Remote Code Execution - Apache ActiveMQ (CVE-2026-34197) vulnerability

About Remote Code Execution - Apache ActiveMQ CVE-2026-34197 vulnerability. Apache ActiveMQ is a popular open-source message broker written in Java. Its main purpose is to send messages between different services, systems, and microservices without a direct connection between them. This...

8.8CVSS6.8AI score0.87048EPSS
Exploits12
Circl
Circladded 2026/05/14 10:0 a.m.4 views

CVE-2019-13106

creationtimestamp| type| source ---|---|--- 2026-05-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-16...

8.3CVSS7AI score0.0175EPSS
Exploits0References1
Circl
Circladded 2026/05/14 10:0 a.m.4 views

CVE-2019-14198

creationtimestamp| type| source ---|---|--- 2026-05-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-16...

9.8CVSS6.9AI score0.02331EPSS
Exploits0References1
Circl
Circladded 2026/05/14 10:0 a.m.3 views

CVE-2025-38708

creationtimestamp| type| source ---|---|--- 2026-05-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-10...

7.8CVSS7.2AI score0.00157EPSS
Exploits0References1
Rows per page
Query Builder