Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

253 matches found

Vulnrichment
Vulnrichmentadded 2026/05/29 6:15 p.m.10 views

CVE-2026-49374

In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters...

7.6CVSS5.8AI score0.00005EPSS
Exploits0References1
CVE
CVEadded 2026/05/29 6:15 p.m.10 views

CVE-2026-49374

CVE-2026-49374 affects JetBrains TeamCity before 2026.1, where improper permission checks exposed build configuration parameters. The CVSS 3.1 base score is 7.6 (HIGH) with Network attack vector, Low attack complexity, Privileges Required: LOW, and UI none. Impact: Confidentiality HIGH, Integrity...

7.6CVSS5.8AI score0.00005EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2026/05/29 6:15 p.m.9 views

EUVD-2026-33382

In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters...

7.6CVSS5.8AI score0.00005EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/29 6:15 p.m.28 views

CVE-2026-49374

In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters...

7.6CVSS0.00005EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/29 12:0 a.m.5 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1...

7.6CVSS5.9AI score0.00005EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/29 12:0 a.m.5 views

PT-2026-44954

Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2026.1 Description Improper permission checks allow for the exposure of build configuration parameters. Recommendations Update to version 2026.1...

7.6CVSS5.8AI score0.00005EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/05/04 12:0 a.m.1 views

HP LaserJet Improper Neutralization of Input During Web Page Generation (CVE-2009-2684)

Multiple cross-site scripting XSS vulnerabilities in Jetdirect and the Embedded Web Server EWS on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the 1 ProductURL or 2 TechURL parameter in an Apply action t...

4.3CVSS5.8AI score0.06501EPSS
Exploits10References3
Cvelist
Cvelistadded 2026/04/24 12:2 a.m.23 views

CVE-2026-40620 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

9.8CVSS0.00109EPSS
Exploits0References3
EUVD
EUVDadded 2026/02/25 3:31 p.m.2 views

EUVD-2026-8653

In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations...

4.3CVSS5.3AI score0.00002EPSS
Exploits0References2
OSV
OSVadded 2026/02/25 2:16 p.m.2 views

CVE-2026-28195

In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations...

4.3CVSS5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/25 12:57 p.m.1 views

CVE-2026-28195

In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations...

4.3CVSS5.9AI score0.00002EPSS
Exploits0References2
OSV
OSVadded 2026/02/18 10:16 p.m.2 views

CVE-2019-25398

IPFire 2.21 Core Update 127 contains multiple cross-site scripting vulnerabilities in the ovpnmain.cgi script that allow attackers to inject malicious scripts through VPN configuration parameters. Attackers can submit POST requests with script payloads in parameters like VPNIP, DMTU, ccdname,...

6.1CVSS5.9AI score0.00084EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/02/18 8:59 p.m.1 views

CVE-2019-25398 IPFire 2.21 Core Update 127 Cross-Site Scripting via ovpnmain.cgi

IPFire 2.21 Core Update 127 contains multiple cross-site scripting vulnerabilities in the ovpnmain.cgi script that allow attackers to inject malicious scripts through VPN configuration parameters. Attackers can submit POST requests with script payloads in parameters like VPNIP, DMTU, ccdname,...

6.1CVSS5.6AI score0.00084EPSS
Exploits1References4
Packet Storm
Packet Stormadded 2026/02/18 12:0 a.m.349 views

📄 motionEye 0.43.1b4 Remote Command Injection

A remote command injection vulnerability exists in motionEye versions up to and including 0.43.1b4. The issue arises from improper validation and sanitization of user‑supplied input within camera configuration parameters. Under certain conditions, authenticated users can inject crafted input that...

7.2CVSS6.1AI score0.57917EPSS
Exploits16
Cvelist
Cvelistadded 2026/02/10 5:27 p.m.21 views

CVE-2026-0652 Remote Code Execution on TP-Link Tapo C260 by Guest User

On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters during configuration synchronization. An authenticated attacker can execute arbitrary system commands with high impact on confidentiality, integrity and availability. It may cau...

8.7CVSS0.00178EPSS
Exploits1References3
OSV
OSVadded 2026/01/30 11:16 p.m.1 views

CVE-2020-37026

Sickbeard alpha contains a cross-site request forgery vulnerability that allows attackers to disable authentication by submitting crafted configuration parameters. Attackers can trick users into submitting a malicious form that clears web username and password, effectively removing authentication...

5.3CVSS5.7AI score
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/01/30 10:7 p.m.1 views

CVE-2020-37026 Sickbeard 0.1 - Cross-Site Request Forgery

Sickbeard alpha contains a cross-site request forgery vulnerability that allows attackers to disable authentication by submitting crafted configuration parameters. Attackers can trick users into submitting a malicious form that clears web username and password, effectively removing authentication...

5.3CVSS5.2AI score0.00044EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/01/30 10:7 p.m.2 views

CVE-2020-37026

Sickbeard alpha contains a cross-site request forgery vulnerability that allows attackers to disable authentication by submitting crafted configuration parameters. Attackers can trick users into submitting a malicious form that clears web username and password, effectively removing authentication...

5.3CVSS5.8AI score0.00044EPSS
Exploits0References4Affected Software1
CNNVD
CNNVDadded 2026/01/30 12:0 a.m.1 views

Sick Beard Cross-Site Request Forgery Vulnerability

Sick Beard is a television program download tool developed by Nic Wolfe personally. Sick Beard has a cross-site request forgeing vulnerability, which stems from improper handling of configuration parameters. This vulnerability may allow cross-site request forgeing attacks to disable authenticatio...

5.3CVSS5.7AI score0.00044EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/01/30 12:0 a.m.4 views

PT-2026-5468

Sickbeard alpha contains a cross-site request forgery vulnerability that allows attackers to disable authentication by submitting crafted configuration parameters. Attackers can trick users into submitting a malicious form that clears web username and password, effectively removing authentication...

5.3CVSS5.8AI score0.00044EPSS
Exploits0References5
Rows per page
Query Builder