Lucene search

8 matches found

CVE
added yesterday, 12 views

CVE-2026-42540

IRIS web collaborative platform suffers a Mass Assignment vulnerability (CVE-2026-42540). Versions prior to 2.4.28 allow an attacker to alter values in the database through manipulated API requests. A fix is available in version 2.4.28. The CVSS 3.1 score is 4.3 (Medium) with Network attack vecto...

4.3 CVSS, 5.8 AI score
Exploits 0, References 1

RedhatCVE
added 2026/01/09 8:54 a.m., 4 views

CVE-2021-41170

neoan3-apps/template is a neoan3 minimal template engine. Versions prior to 1.1.1 have allowed for passing in closures directly into the template engine. As a result values that are callable are executed by the template engine. The issue arises if a value has the same name as a method or function...

9.8 CVSS, 6.7 AI score, 0.00524 EPSS
Exploits 0, References 1

PyPA
added 2024/07/15 5:15 a.m., 5 views

PYSEC-2024-62

Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code Execution when retrieving values from the database, the code will attempt to call 'eval' on all values. An attacker can exploit this vulnerability and execute arbitrary python code if the...

8.5 CVSS, 8.1 AI score, 0.13393 EPSS
Exploits 1, References 3, Affected Software 1

Snyk
added 2024/06/19 12:15 p.m., 1 views

Arbitrary Code Execution

Overview: langchain-experimental is a package that holds experimental LangChain code, intended for research and experimental uses. Affected versions of this package are vulnerable to Arbitrary Code Execution when retrieving values from the database, the code will attempt to call 'eval' on all...

8.5 CVSS, 8.3 AI score, 0.13393 EPSS
Exploits 1, References 2

SUSE CVE
added 2023/02/15 5:16 a.m., 1 views

SUSE CVE-2015-5330

ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message ...

7.5 CVSS, 6.7 AI score, 0.01625 EPSS
Exploits 0, References 13

OSV
added 2021/11/08 7:15 p.m., 9 views

CVE-2021-41170

neoan3-apps/template is a neoan3 minimal template engine. Versions prior to 1.1.1 have allowed for passing in closures directly into the template engine. As a result values that are callable are executed by the template engine. The issue arises if a value has the same name as a method or function...

9.8 CVSS, 6.7 AI score
Exploits 0, References 3

NVD
added 2021/11/08 7:15 p.m., 9 views

CVE-2021-41170

neoan3-apps/template is a neoan3 minimal template engine. Versions prior to 1.1.1 have allowed for passing in closures directly into the template engine. As a result values that are callable are executed by the template engine. The issue arises if a value has the same name as a method or function...

9.8 CVSS, 0.00524 EPSS
Exploits 0, References 3

CNVD
added 2020/02/20 12:0 a.m., 0 views

Cisco Cloud Web Security SQL Injection Vulnerability

Cisco Cloud Web Security is a comprehensive cloud-delivered web defense solution. A SQL injection vulnerability exists in the web UI of Cisco Cloud Web Security. The vulnerability stems from the web management interface failing to properly validate SQL values. An authenticated attacker can exploi...

4.9 CVSS, 7.8 AI score, 0.00245 EPSS
Exploits 0, References 1