8 matches found

OSV
added 2026/05/04 1:12 p.m., 3 views

JLSEC-2026-394

When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name. In that rename operation, it might accidentally widen the permissions for the target file, leaving the...

CVSS 9.8, AI score 6.8, EPSS 0.00233
Exploits: 1, References: 16
Positive Technologies
added 2026/01/01 12:0 a.m., 4 views

PT-2026-6747

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 20.7-cert9; Asterisk versions prior to 20.18.2; Asterisk versions prior to 21.12.1; Asterisk versions prior to 22.8.2; Asterisk versions prior to 23.2.2. Description: Asterisk is a private branch exchange and telephony...

CVSS 3.5, AI score 5.5, EPSS 0.00051
Exploits: 0, References: 7
Ubuntu
added 2025/06/09 2:59 p.m., 7 views

USN-7562-1: Tomcat vulnerabilities

It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. This issue was fixed for tomcat8 on Ubuntu 18.04 LTS and for tomcat9 on...

CVSS 8.6, AI score 7.5, EPSS 0.70951
Exploits: 6
RedHat Linux
added 2022/12/08 1:8 p.m., 1 views

curl: Unpreserved file permissions

A vulnerability was found in curl. This issue occurs because when curl saves cookies, alt-svc, and HSTS data to local files, it makes the operation atomic by finalizing the process with a rename from a temporary name to the final target file name. This flaw leads to unpreserved file permissions,...

CVSS 9.8, AI score 6.7, EPSS 0.00233
Exploits: 1, References: 5
Microsoft CVE
added 2022/07/19 7:0 a.m., 1 views

When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name. In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.

...

CVSS 9.8, AI score 7.5, EPSS 0.00233
Exploits: 1
OSV
added 2022/06/27 12:0 a.m., 1 views

UBUNTU-CVE-2022-32207

When curl 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name. In that rename operation, it might accidentally widen the permissions for the target file, leaving the...

CVSS 9.8, AI score 6.8, EPSS 0.00233
Exploits: 1, References: 4
PyPA
added 2021/03/26 8:15 p.m., 3 views

PYSEC-2021-133

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the password reset endpoint served via Synapse was vulnerable to cross-site scripting (XSS) attacks. The...

CVSS 8.2, AI score 6.1, EPSS 0.00505
Exploits: 0, References: 4, Affected Software: 1
CNVD
added 2020/10/13 12:0 a.m., 1 views

Storage-based Cross-site Scripting Vulnerability in NetCloud Original Novel PC System

Ltd. is the pioneer of professional net article all-platform technology service. A storage-based cross-site scripting vulnerability exists in the NetCloud Original Novel PC system. Attackers can utilize the vulnerability to obtain sensitive information such as user cookies...

AI score 6.1
Exploits: 0