Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

890 matches found

Nuclei
Nucleiadded yesterday941 views

Roundcube Webmail - Remote Code Execution

Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization. id: CVE-2025-49113 info: name: Roundcube Webmail - Remote...

9.9CVSS8AI score0.89462EPSS
Exploits29References8
Nuclei
Nucleiadded 2026/06/16 7:13 a.m.133 views

GiveWP - PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. id: CVE-2024-5932 info: name: GiveWP - PHP Object Injection author:...

10CVSS8.8AI score0.74427EPSS
Exploits11References7
GithubExploit
GithubExploitadded 2026/05/04 11:19 a.m.64 views

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 cPanel & WHM Verification Tool This repository...

9.8CVSS6.1AI score0.981EPSS
Exploits63
RedhatCVE
RedhatCVEadded 2026/01/07 9:18 a.m.6 views

CVE-2025-1117

A vulnerability, which was classified as critical, was found in CoinRemitter 0.0.1/0.0.2 on OpenCart. This affects an unknown part. The manipulation of the argument coin leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

7.5CVSS7.3AI score0.00404EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:18 a.m.19 views

CVE-2025-1902

A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has...

9.8CVSS7.7AI score0.00559EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:17 a.m.13 views

CVE-2025-1106

A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the function deletediraction/restoreaction in the library lib/admin/databaseadmin.php. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to...

6.5CVSS6.7AI score0.00903EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:17 a.m.9 views

CVE-2025-1583

A vulnerability classified as critical has been found in PHPGurukul Online Nurse Hiring System 1.0. This affects an unknown part of the file /admin/search-report-details.php. The manipulation of the argument searchinput leads to sql injection. It is possible to initiate the attack remotely. The...

9.8CVSS7.3AI score0.00501EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:12 a.m.17 views

CVE-2025-1898

A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The...

7.5CVSS7.3AI score0.00768EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:11 a.m.16 views

CVE-2025-1899

A vulnerability has been found in Tenda TX3 16.03.13.11multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit...

7.5CVSS7.3AI score0.00664EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:9 a.m.9 views

CVE-2024-2856

A vulnerability, which was classified as critical, has been found in Tenda AC10 16.03.10.13/16.03.10.20. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack may be...

9.8CVSS9.6AI score0.01159EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:9 a.m.8 views

CVE-2024-2979

A vulnerability classified as critical was found in Tenda F1203 2.0.1.6. This vulnerability affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be initiated remotely...

9CVSS7AI score0.01669EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:9 a.m.12 views

CVE-2024-2708

A vulnerability was found in Tenda AC10U 15.03.06.49 and classified as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has be...

9CVSS8.8AI score0.0148EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:9 a.m.8 views

CVE-2024-2983

A vulnerability was found in Tenda FH1202 1.2.0.14408 and classified as critical. Affected by this issue is the function formSetClientState of the file /goform/SetClientState. The manipulation of the argument deviceId/limitSpeed/limitSpeedUp leads to stack-based buffer overflow. The attack may be...

9CVSS8.8AI score0.01755EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:9 a.m.7 views

CVE-2024-2930

A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=savemusic. The manipulation leads to unrestricted upload. The attack can be launched remotely. The...

9.8CVSS9.6AI score0.01182EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:8 a.m.8 views

CVE-2024-2808

A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be initiate...

9.8CVSS9.6AI score0.01372EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:8 a.m.6 views

CVE-2024-2987

A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14408. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

9CVSS8.9AI score0.01584EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.6 views

EUVD-2020-24025

Malware in sbrugna...

8.8CVSS7.6AI score0.00228EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2017-0864

Malware in sbrugna...

9.3CVSS7.7AI score0.01839EPSS
Exploits3References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2014-1194

Malware in sbrugna...

7.8CVSS7.6AI score0.00492EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2016-9266

Malware in sbrugna...

10CVSS9.4AI score0.0273EPSS
Exploits0References4
Rows per page
Query Builder