7 matches found
Nocturne Memory Access Control Error Vulnerability
Nocturne Memory is an AI long-term memory server developed by Niwato. Versions prior to Nocturne Memory 2.4.1 contained an access control vulnerability. This vulnerability occurred when the APITOKEN was not set or was empty, allowing the BearerTokenAuthMiddleware to bypass identity verification f...
GHSA-GJ84-924C-48FX Algernon: Auto-refresh SSE event server binds to all interfaces by default on Linux/macOS
Summary: The SSE event server bound to 0.0.0.0:5553 on Linux/macOS by default because the platform-dependent host default in engine/flags.go:39-46 set host = "" for non-Windows, and utils.JoinHostPort("", ":5553") resolves to ":5553" — a Go http.Server.Addr of ":5553" listens on every interface. On...
BIT-LIBPYTHON-2021-4189
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecti...
MailCleaner Security Vulnerability
MailCleaner is an anti-virus e-mail gateway from MailCleaner, Inc. MailCleaner has a security vulnerability that originates from the default values of ssh_host_dsa_key, ssh_host_rsa_key, and ssh_host_ed25519_key not being changed after installation...
CVE-2021-33190
In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in order to facilitate users to configure external network access. In the IP allowed list restriction, a risky function was used for the IP acquisition, which made it possible to bypass the network limi...
Cisco Ironport Security Appliance Default Host Key Vulnerability
The remote Cisco security appliance uses a default host key that is shared among all installations of the product. An unauthenticated, remote attacker with knowledge of the private key can impersonate other devices or perform a man-in-the-middle attack between this host and other virtual security...
Cisco Cloud Portal Default SSH HOST Key Man-in-the-Middle Attack Vulnerability
Cisco Cloud Portal is a cloud portal for data center services. Cisco Cloud Portal has a security vulnerability due to the system using a default host key for SSH communication. A remote attacker could modify the target system data through a man-in-the-middle attack...