9 matches found

Cvelist
added 2026/05/18 1:48 p.m. · 29 views

CVE-2026-41947 Dify < 1.14.2 Authorization Bypass via Trace Configuration Endpoints

Dify before version 1.14.2 contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any application regardless of tenant ownership. Attackers can exploit missing tenant ownership checks in the trace configuration endpoints to...

CVSS 9.3 · EPSS 0.00038
Exploits 1 · References 5
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2019-10734

Malware in sbrugna...

CVSS 6.8 · AI score 6.5 · EPSS 0.02739
Exploits 0 · References 5
Positive Technologies
added 2023/05/05 12:0 a.m. · 20 views

PT-2023-23176 · Mage Ai · Mage Ai

Name of the Vulnerable Software and Affected Versions: mage-ai versions 0.8.34 through 0.8.71. Description: The issue affects mage-ai, an open-source data pipeline tool, when used with user authentication enabled. It allows the terminal to be accessed by users who are not signed in or do not have...

CVSS 9.8 · AI score 9.4 · EPSS 0.00216
Exploits 0 · References 10
Patchstack
added 2021/10/04 12:0 a.m. · 11 views

WordPress Logo Slider and Showcase plugin <= 1.3.36 - Plugin Settings Update by editor users vulnerability

Plugin Settings Update by editor users vulnerability discovered by apple502j in WordPress Logo Slider and Showcase plugin versions <= 1.3.36. Solution: Update the WordPress Logo Slider and Showcase plugin to the latest available version (at least 1.3.37)...

AI score 3.1 · EPSS 0.0019
Exploits 2 · References 3 · Affected Software 1
OSV
added 2021/08/25 3:27 p.m. · 2 views

DRUPAL-CONTRIB-2021-026

The Webform module uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that impacts Webform. An attacker that can create or edit content, even without access to CKEditor themselves, may be able to exploit one or more Cross-Site Scripting (XSS) vulnerabilities to...

AI score 6.1
Exploits 0 · References 1
OSV
added 2021/06/07 11:15 a.m. · 1 views

CVE-2021-24336

The FlightLog WordPress plugin through 3.0.2 does not sanitise, validate or escape various POST parameters before using them in a SQL statement, leading to SQL injections exploitable by editor and administrator users...

CVSS 7.2 · AI score 7.2
Exploits 0 · References 2
OSV
added 2020/01/09 9:15 p.m. · 7 views

CVE-2019-20180

The TablePress plugin 1.9.2 for WordPress allows tablepressdata CSV injection by Editor users. Note: The vendor disputes this issue and argues that this responsibility lies with the application that opens the CSV file and not TablePress...

CVSS 6.8 · AI score 6.8 · EPSS 0.02739
Exploits 0 · References 3
Prion
added 2020/01/09 9:15 p.m. · 12 views

Design/Logic Flaw

The TablePress plugin 1.9.2 for WordPress allows tablepressdata CSV injection by Editor users...

CVSS 6 · AI score 6.9 · EPSS 0.02739
Exploits 0 · References 3 · Affected Software 1
Vulnrichment
added 2020/01/09 12:0 a.m. · 9 views

CVE-2019-20180

The TablePress plugin 1.9.2 for WordPress allows tablepressdata CSV injection by Editor users. Note: The vendor disputes this issue and argues that this responsibility lies with the application that opens the CSV file and not TablePress...

AI score 7.3 · EPSS 0.02739
Exploits 0 · References 3