
8 matches found

CNNVD
added 2026/02/21 12:00 a.m., 3 views

OpenClaw code issue vulnerability

OpenClaw is an open-source intelligent artificial assistant from openclaw. OpenClaw has a code issue vulnerability that stems from Cron webhook delivery calling fetch directly, which an attacker can exploit to cause the webhook target to access private or internal endpoints...

CVSS 7.3, AI score 5.8, EPSS 0.00018
Exploits: 0, References: 3
Microsoft CVE
added 2024/09/11 7:00 a.m., 3 views

md/dm-raid: don't call md_reap_sync_thread() directly

...

CVSS 5.5, AI score 7.6, EPSS 0.00008
Exploits: 0
OSV
added 2024/05/17 2:15 p.m., 0 views

AZL-62827 CVE-2024-35808 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly. Currently md_reap_sync_thread() is called from raid_message() directly without holding 'reconfig_mutex', this is definitely unsafe because md_reap_sync_thread() can change many fields that is...

CVSS 5.5, AI score 6.1, EPSS 0.00008
Exploits: 0, References: 1
Prion
added 2022/08/22 3:15 p.m., 14 views

Cross site scripting

The Rezgo Online Booking WordPress plugin before 4.1.8 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting, which can be exploited either via a LFI in an AJAX action, or direct call to the affected file...

CVSS 5.8, AI score 6.2, EPSS 0.0021
Exploits: 2, References: 1, Affected Software: 1
wpexploit
added 2022/07/26 12:00 a.m., 469 views

Rezgo Online Booking < 4.1.8 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting, which can be exploited either via a LFI in an AJAX action, or direct call to the affected file. Direct call:...

CVSS 6.1, AI score 0.4, EPSS 0.0021
Exploits: 2
WPVulnDB
added 2022/07/26 12:00 a.m., 11 views

Rezgo Online Booking < 4.1.8 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting, which can be exploited either via a LFI in an AJAX action, or direct call to the affected file. PoC: Direct call:...

CVSS 6.1, AI score 0.1, EPSS 0.0021
Exploits: 2, Affected Software: 1
Code423n4
added 2021/11/15 12:00 a.m., 8 views

BasePool.swap() Is Callable By Anyone

Handle: leastwood. Vulnerability details. Impact: The BasePool.swap function differs from its implementation in BasePoolV2.swap in which it lacks an onlyRouter modifier. This ensures that users cannot call this function directly as VaderRouter.swap performs some necessary input validation which can b...

AI score 7.1
Exploits: 0
0day.today
added 2015/08/25 12:00 a.m., 27 views

Microsoft Office 2007 OneTableDocumentStream Invalid Object Exploit

Microsoft Office 2007 suffers from a OneTableDocumentStream invalid object vulnerability. Source: https://code.google.com/p/google-security-research/issues/detail?id=171&can=1 The following access violation was observed in Microsoft Office 2007 Word document: 8c0.e68: Access violation - code...

CVSS 9.3, AI score 6.4, EPSS 0.68596
Exploits: 1