
86 matches found

Check Point Advisories
added 2017/10/20 12:0 a.m. | 1 views

Microsoft Office DDE Remote Code Execution

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to the DDE feature that allows an Office application to load data from other Office applications. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted ema...

AI score: 3.4
Exploits: 0
RedHat Linux
added 2017/04/03 9:2 p.m. | 1 views

swagger-ui: cross-site scripting in key names

It was found that swagger-ui contains a cross-site scripting (XSS) vulnerability in the key names in the JSON document. An attacker could use this flaw to supply a key name with script tags which could cause arbitrary code execution. Additionally it is possible to load the arbitrary JSON files...

CVSS: 6.1 | AI score: 5.5 | EPSS: 0.04036
Exploits: 0 | References: 5
Japan Vulnerability Notes
added 2017/03/16 4:32 a.m. | 1 views

Security guide for website operators vulnerable to OS command injection

Overview: Security guide for website operators provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA) contains an OS command injection vulnerability (CWE-78) due to an issue in loading saved data. This vulnerability was reported by IPA to notify users of its solution through JVN. JPCERT/CC a...

CVSS: 8.8 | AI score: 7.6 | EPSS: 0.01596
Exploits: 0 | References: 5
Japan Vulnerability Notes
added 2016/08/31 12:0 a.m. | 26 views

JVN#85213412: Multiple AKABEi SOFT2 LTD. games vulnerable to OS command injection

Multiple games provided by AKABEi SOFT2 LTD. contain an OS command injection vulnerability (CWE-78) due to an issue in loading saved data. Impact: When specially crafted saved data is loaded, an arbitrary OS command may be executed. Solution: Apply a Workaround. The following workaround can mitigate t...

CVSS: 7.8 | AI score: 7.7 | EPSS: 0.01534
Exploits: 0
BDU FSTEC
added 2015/08/07 12:0 a.m. | 4 views

The vulnerability of the Moodle learning management system allows a hacker to bypass access restrictions for managing files.

The vulnerability of the files/externallib.php sub-component of the Moodle learning management system is related to deficiencies in access control for certain functions. Exploiting this vulnerability could allow a malicious actor to circumvent access restrictions to file management by using web...

CVSS: 4 | AI score: 7.2 | EPSS: 0.01712
Exploits: 0 | References: 4 | Affected Software: 1
Tenable Nessus
added 2014/03/17 12:0 a.m. | 13 views

Fedora 20 : ReviewBoard-1.7.22-2.fc20 (2014-3446)

New upstream security release 1.7.22 - http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.22/ - Security Fixes : - An XSS vulnerability was found in the Search field's auto-complete. - New Features : - Added support for anonymous access to public Local Sites. - Added support for...

AI score: 5.5
Exploits: 0 | References: 2