48 matches found

RedhatCVE
added 2026/01/09 10:49 a.m., 7 views

CVE-2022-37033

In dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed in URL, while attempting to block any SSRF access to local IP addresses or private subnets. In resolving this URL, the TempFileAPI follows any 302 redirects that the remote URL returns. Because there is no...

CVSS 6.5, AI score 6.7, EPSS 0.00843
Exploits: 0, References: 1
RedhatCVE
added 2026/01/07 9:29 a.m., 8 views

CVE-2019-12309

dotCMS before 5.1.0 has a path traversal vulnerability exploitable by an administrator to create files. The vulnerability is caused by the insecure extraction of a ZIP archive...

CVSS 4.9, AI score 6.8, EPSS 0.01279
Exploits: 0, References: 1
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-11243

Malware in sbrugna...

CVSS 5.4, AI score 5.5, EPSS 0.00597
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-3087

Malware in sbrugna...

CVSS 9, AI score 7, EPSS 0.07695
Exploits: 1, References: 4
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2018-8766

Malware in sbrugna...

CVSS 6.1, AI score 6.2, EPSS 0.00843
Exploits: 1, References: 2
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-6679

Malware in sbrugna...

CVSS 5.4, AI score 5.5, EPSS 0.00513
Exploits: 1, References: 2
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2016-1205

Malware in sbrugna...

CVSS 7.2, AI score 6.9, EPSS 0.01307
Exploits: 3, References: 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2016-4981

Malware in sbrugna...

CVSS 4, AI score 4.2, EPSS 0.01468
Exploits: 1, References: 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-15071

Malware in sbrugna...

CVSS 6.1, AI score 6.3, EPSS 0.00761
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 7 views

EUVD-2017-14449

Malware in sbrugna...

CVSS 9.8, AI score 9.3, EPSS 0.06304
Exploits: 6, References: 8
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2016-5786

Malware in sbrugna...

CVSS 7.5, AI score 7.8, EPSS 0.02201
Exploits: 2, References: 6
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-12315

Malware in sbrugna...

CVSS 9.3, AI score 8.2, EPSS 0.06546
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-3946

Malware in sbrugna...

CVSS 4.9, AI score 5.1, EPSS 0.01279
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-12314

Malware in sbrugna...

CVSS 6.5, AI score 7.2, EPSS 0.02788
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-12313

Malware in sbrugna...

CVSS 8.8, AI score 7.4, EPSS 0.01139
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-38613

Malicious code in bioql PyPI...

CVSS 6.1, AI score 6.4, EPSS 0.01192
Exploits: 1, References: 2
VulnCheck KEV
added 2025/09/04 12:0 a.m., 8 views

VulnCheck KEV: CVE-2025-8311

dotCMS versions 24.03.22 and after, identified a Boolean-based blind SQLi vulnerability in the /api/v1/contenttype endpoint. This endpoint uses the sites query parameter, which accepts a comma-separated list of site identifiers or keys. The vulnerability was triggered via the sites parameter, whi...

CVSS 9.4, AI score 5.8, EPSS 0.01558
In wild, Exploits: 4, References: 2
RedhatCVE
added 2025/05/23 2:12 a.m., 5 views

CVE-2023-3042

In dotCMS, versions mentioned, a flaw in the NormalizationFilter does not strip double slashes // from URLs, potentially enabling bypasses for XSS and access controls. An example affected URL is https://demo.dotcms.com//html/portlet/ext/files/edittextinc.jsp , which should return a 404 response b...

CVSS 6.1, AI score 6.1, EPSS 0.00357
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 1:4 a.m., 7 views

CVE-2022-37034

In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting the dotCMS server to download a large file. If done repeatedly, this will result in Tomcat request-thread exhaustion and ultimately a denial of any other requests...

CVSS 5.3, AI score 6.8, EPSS 0.00875
Exploits: 0
RedhatCVE
added 2025/05/22 5:4 p.m., 7 views

CVE-2020-19138

Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allow remote attackers to execute arbitrary code via the component "/src/main/java/com/dotmarketing/filters/CMSFilter.java"...

CVSS 10, AI score 8, EPSS 0.0556
Exploits: 1