
9 matches found

CNNVD
added 2026/04/21 12:00 a.m. · 5 views

Frappe HR SQL Injection Vulnerability

Frappe HR is an open-source human resources management system developed by Frappe. Versions of Frappe HR prior to 15.54.0 and 14.38.1 contained a SQL injection vulnerability. This vulnerability occurred due to specially crafted requests targeting certain endpoints, allowing attackers to extract...

CVSS 6.5 · AI score 5.9 · EPSS 0.00041
Exploits: 0 · References: 1
EUVD
added 2026/04/16 6:31 a.m. · 0 views

EUVD-2023-58146

In Wago Smart Designer in versions up to 2.33.1, a low-privileged remote attacker may enumerate projects and usernames through iterative requests to a specific endpoint...

CVSS 4.3 · AI score 5.8 · EPSS 0.00016
Exploits: 0 · References: 3
CNNVD
added 2026/04/14 12:00 a.m. · 3 views

Schneider Electric PowerChute Serial Shutdown Security Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. A denial of service vulnerability exists in Schneider Electric PowerChute Serial Shutdown, which stems from improperly limiting too many authentication...

CVSS 6.9 · AI score 5.9 · EPSS 0.00066
Exploits: 0 · References: 1
Positive Technologies
added 2025/02/12 12:00 a.m. · 1 views

PT-2025-7251 · Hypercube · Hypercube

Name of the Vulnerable Software and Affected Versions: hypercube (affected versions not specified). Description: The issue allows for remote code execution in web-accessible installations of hypercube. To exploit this, an attacker must make a request against hypercube's endpoints. Standard security...

CVSS 9.5 · AI score 7.9
Exploits: 0 · References: 3
OSV
added 2024/08/21 7:15 a.m. · 0 views

UBUNTU-CVE-2023-52898

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies. Make sure xhci_free_dev() and xhci_kill_endpoint_urbs() do not race and cause null pointer dereference when host suddenly dies. Usb core may call xhci_free_dev() which frees the xhci->devs[slot_i...

CVSS 4.7 · AI score 5.8 · EPSS 0.00007
Exploits: 0 · References: 9
Hacker One
added 2023/10/08 12:45 p.m. · 22 views

GitHub: GHES Management console EoP (editor to site admin)

Improper privilege management in GitHub Enterprise Server allowed editor role users to escalate privileges by making requests to the bootstrapping endpoint...

CVSS 8.8 · AI score 8.9 · EPSS 0.005
Exploits: 0
OSV
added 2022/04/28 3:15 p.m. · 0 views

CVE-2021-43939

Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints...

CVSS 8.8 · AI score 7.3 · EPSS 0.00073
Exploits: 0 · References: 1
CNNVD
added 2022/04/19 12:00 a.m. · 1 views

Elcomplus SmartPPT Security Vulnerability

Elcomplus SmartPPT is an integrated voice and data scheduling software from Elcomplus, U.S.A. An authorization issue vulnerability exists in Elcomplus SmartPPT, which can be exploited by a low-authentication attacker to access higher-level administrative authorizations by sending a request direct...

CVSS 9 · AI score 5.6 · EPSS 0.00073
Exploits: 0 · References: 4
OSV
added 2021/05/07 11:15 a.m. · 1 views

CVE-2020-36125

Pax Technology PAXSTORE v7.0.820200511171508 and lower is affected by incorrect access control where password revalidation in sensitive operations can be bypassed remotely by an authenticated attacker through requesting the endpoint directly...

CVSS 7.1 · AI score 5.8
Exploits: 0 · References: 3