
6 matches found

OSV
added 2025/07/29 6:30 a.m., 2 views

GHSA-W832-W3P8-CW29 z-push/z-push-dev SQL Injection Vulnerability

Versions of the package z-push/z-push-dev before 2.7.6 are vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inject malicious commands by manipulating the username field in basic authentication. This allows the attacker to access and potentially modif...

9.1 CVSS, 7.1 AI score, 0.00389 EPSS
Exploits 0, References 8
RedhatCVE
added 2025/02/10 6:4 p.m., 5 views

CVE-2025-24032

A flaw was found in the pam_pkcs11 Linux-PAM login module. If the cert_policy is set to none, which is the default value, then pam_pkcs11 will only check if the user is capable of logging into the token. This flaw allows an attacker to create a different token with the user's public data, for exampl...

8 CVSS, 6 AI score, 0.00746 EPSS
Exploits 0, References 8
OSV
added 2023/12/08 3:15 p.m., 9 views

GHSA-9J5W-2CQC-CWJ9 Magento LTS vulnerable to Stored XSS via TinyMCE WYSIWYG Editor

From HackerOne report 1948040 by Halit AKAYDIN hltakydn. Impact: What kind of vulnerability is it? Who is impacted? The TinyMCE WYSIWYG editor fails to filter scripts when rendering the HTML in specially crafted HTML tags. Patches: Has the problem been patched? What versions should users upgrade to?...

7.5 CVSS, 5.9 AI score
Exploits 0, References 5
Cvelist
added 2021/05/04 4:0 p.m., 23 views

CVE-2021-29478 Vulnerability in the COPY command for large intsets

Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result in remote code execution. Redis 6.0 and earlier are not directly...

7.5 CVSS, 9.1 AI score, 0.02337 EPSS
Exploits 0, References 5
RedhatCVE
added 2020/04/07 4:56 a.m., 43 views

CVE-2019-10082

A read-after-free vulnerability was discovered in Apache httpd, in mod_http2. A specially crafted http/2 client session could cause the server to read memory that was previously freed during connection shutdown, potentially leading to a crash. Mitigation: This flaw is only exploitable if Apache htt...

9.1 CVSS, 0.8 AI score, 0.4206 EPSS
Exploits 0, References 4
OSV
added 2017/02/08 3:59 p.m., 1 views

UBUNTU-CVE-2017-0450

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it is mitigated by current platform configurations. Product: Android. Versions: N/A...

7.8 CVSS, 7.5 AI score, 0.00078 EPSS
Exploits 0, References 3