Lucene search

8 matches found

OSV
added 2026/05/26 9:10 a.m., 9 views

MAL-2026-4790 Malicious code in makecoder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf72d8ec7b803169421eb83d7ccbbdcd0af3671592775e25df2f92b33dfde5a4 scripts/postinstall.js runs automatically on npm install. When bun is not already present, it unconditionally executes curl -fsSL...

6.4 AI score
Exploits: 0, References: 3
EUVD
added 2026/03/19 10:43 p.m., 3 views

EUVD-2026-13355

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, the actionexportCustom function in modules/ModuleBuilder/controller.php fails to properly neutralize path traversal sequences in the $modules and $name...

4.9 CVSS, 5.8 AI score, 0.00329 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2025/11/13 12:00 a.m., 3 views

Siemens SIMATIC S7-1500 Time-of-check Time-of-use (TOCTOU) Race Condition (CVE-2013-4235)

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

4.7 CVSS, 6.7 AI score, 0.00308 EPSS
Exploits: 0, References: 4
Vulnrichment
added 2023/04/19 12:00 a.m., 6 views

CVE-2023-29586

Code Sector TeraCopy 3.9.7 does not perform proper access validation on the source folder during a copy operation. This leads to Arbitrary File Read by allowing any user to copy any directory in the system to a directory they control. NOTE: the Supplier disputes this because only admin users can...

5.7 AI score, 0.00317 EPSS
Exploits: 0, References: 4
The Hacker News
added 2022/09/09 8:19 a.m., 125 views

Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million Attempts

A zero-day flaw in a WordPress plugin called BackupBuddy is being actively exploited, WordPress security company Wordfence has disclosed. "This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information," it...

0.5 AI score, 0.63761 EPSS
Exploits: 2
RedHat Linux
added 2020/11/04 1:31 a.m., 0 views

oddjob: race condition in oddjob_selinux_mkdir function in mkhomedir.c can lead to symlink attack

A race condition was found in the mkhomedir tool shipped with the oddjob package. During the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the homedir path. This flaw allows an attacker to...

6.3 CVSS, 5.8 AI score, 0.00293 EPSS
Exploits: 0, References: 4
OSV
added 2019/12/03 3:15 p.m., 2 views

DEBIAN-CVE-2013-4235

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees...

4.7 CVSS, 5.5 AI score, 0.00308 EPSS
Exploits: 0, References: 1
OSV
added 2019/11/25 2:15 p.m., 1 view

DEBIAN-CVE-2012-5630

libuser 0.56 and 0.57 have a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees...

6.3 CVSS, 6.3 AI score, 0.00279 EPSS
Exploits: 0, References: 1