48 matches found

RedhatCVE
added 2026/01/09 10:49 a.m., 3 views

CVE-2022-37033

In dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed in URL, while attempting to block any SSRF access to local IP addresses or private subnets. In resolving this URL, the TempFileAPI follows any 302 redirects that the remote URL returns. Because there is no...

CVSS 6.5 | AI score 6.7 | EPSS 0.00182
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/07 9:29 a.m., 6 views

CVE-2019-12309

dotCMS before 5.1.0 has a path traversal vulnerability exploitable by an administrator to create files. The vulnerability is caused by the insecure extraction of a ZIP archive...

CVSS 4.9 | AI score 6.8 | EPSS 0.00329
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2016-5786

Malware in sbrugna...

CVSS 7.5 | AI score 7.8 | EPSS 0.00398
Exploits: 2 | References: 6

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2018-11243

Malware in sbrugna...

CVSS 5.4 | AI score 5.5 | EPSS 0.00162
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2017-14449

Malware in sbrugna...

CVSS 9.8 | AI score 9.3 | EPSS 0.08148
Exploits: 6 | References: 8

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-12315

Malware in sbrugna...

CVSS 9.3 | AI score 8.2 | EPSS 0.06805
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2018-8766

Malware in sbrugna...

CVSS 6.1 | AI score 6.2 | EPSS 0.00184
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-15071

Malware in sbrugna...

CVSS 6.1 | AI score 6.3 | EPSS 0.00234
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-12314

Malware in sbrugna...

CVSS 6.5 | AI score 7.2 | EPSS 0.01674
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2019-3946

Malware in sbrugna...

CVSS 4.9 | AI score 5.1 | EPSS 0.00329
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-3087

Malware in sbrugna...

CVSS 9 | AI score 7 | EPSS 0.03053
Exploits: 1 | References: 4

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-6679

Malware in sbrugna...

CVSS 5.4 | AI score 5.5 | EPSS 0.00193
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2016-1205

Malware in sbrugna...

CVSS 7.2 | AI score 6.9 | EPSS 0.00456
Exploits: 3 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2016-4981

Malware in sbrugna...

CVSS 4 | AI score 4.2 | EPSS 0.00101
Exploits: 1 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-12313

Malware in sbrugna...

CVSS 8.8 | AI score 7.4 | EPSS 0.00273
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2022-38613

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.4 | EPSS 0.0102
Exploits: 1 | References: 2

VulnCheck KEV
added 2025/09/04 12:0 a.m., 4 views

VulnCheck KEV: CVE-2025-8311

dotCMS versions 24.03.22 and after, identified a Boolean-based blind SQLi vulnerability in the /api/v1/contenttype endpoint. This endpoint uses the sites query parameter, which accepts a comma-separated list of site identifiers or keys. The vulnerability was triggered via the sites parameter, whi...

CVSS 9.4 | AI score 5.8 | EPSS 0.02198
In wild | Exploits: 4 | References: 2

RedhatCVE
added 2025/05/23 2:12 a.m., 5 views

CVE-2023-3042

In dotCMS, versions mentioned, a flaw in the NormalizationFilter does not strip double slashes // from URLs, potentially enabling bypasses for XSS and access controls. An example affected URL is https://demo.dotcms.com//html/portlet/ext/files/edittextinc.jsp , which should return a 404 response b...

CVSS 6.1 | AI score 6.1 | EPSS 0.00177
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 1:4 a.m., 6 views

CVE-2022-37034

In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting the dotCMS server to download a large file. If done repeatedly, this will result in Tomcat request-thread exhaustion and ultimately a denial of any other requests...

CVSS 5.3 | AI score 6.8 | EPSS 0.00377
Exploits: 0

RedhatCVE
added 2025/05/22 5:4 p.m., 4 views

CVE-2020-19138

Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and earlier allows remote attackers to execute arbitrary code via the component "/src/main/java/com/dotmarketing/filters/CMSFilter.java"...

CVSS 10 | AI score 8 | EPSS 0.09294
Exploits: 1