Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2026/03/02 8:56 p.m.4 views

GHSA-V8JW-8W5P-23G3 AVideo has Authenticated Remote Code Execution via Unsafe Plugin ZIP Extraction

Summary An authenticated Remote Code Execution RCE vulnerability was identified in AVideo related to the plugin upload/import functionality. The issue allowed an authenticated administrator to upload a specially crafted ZIP archive containing executable server-side files. Due to insufficient...

9.3CVSS6.5AI score0.00324EPSS
Exploits0References5
EUVD
EUVDadded 2025/11/18 8:41 a.m.3 views

EUVD-2025-197928

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...

9.1CVSS6.8AI score0.001EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/10/30 12:0 a.m.2 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.7.2 that stems from the upload handler not...

8.8CVSS8AI score0.01651EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/09/30 12:0 a.m.12 views

CVE-2024-28811

An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations...

7.3AI score0.00315EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/10/05 3:12 p.m.19 views

CVE-2023-45160 Elevated Temp Directory Execution in 1E Client

In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. The 1E Client's temporary directory is now locke...

8.8CVSS8.8AI score0.0027EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2023/02/15 4:22 a.m.2 views

SUSE CVE-2018-19486

Git before 2.19.2 on Linux and UNIX executes commands from the current working directory as if '.' were at the end of $PATH in certain cases involving the runcommand API and run-command.c, because there was a dangerous change from execvp to execv during 2017...

4.8CVSS9.6AI score0.00528EPSS
Exploits0References6
Cvelist
Cvelistadded 2022/04/19 11:35 p.m.23 views

CVE-2022-24826 Git LFS can execute a binary from the current directory on Windows

On Windows, if Git LFS operates on a malicious repository with a ..exe file as well as a file named git.exe, and git.exe is not found in PATH, the ..exe program will be executed, permitting the attacker to execute arbitrary code. This does not affect Unix systems. Similarly, if the malicious...

9.8CVSS10AI score0.00264EPSS
Exploits0References2
Rows per page
Query Builder