Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7999 matches found

OSV
OSVadded 2025/05/23 1:40 p.m.1 views

SUSE-SU-2025:20346-1 Security update for python311

This update for python311 fixes the following issues: - Updated to 3.11.12: - gh-131809: Updated bundled libexpat to 2.7.1 - gh-131261: Upgraded to libexpat 2.7.0 - CVE-2025-0938: Fixed functions urllib.parse.urlsplit and urlparse accepting domain names including square brackets bsc1236705 -...

6.3CVSS6.8AI score0.01639EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/05/23 10:32 a.m.3 views

CVE-2024-43806

Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...

6.5CVSS6.3AI score0.00083EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 9:19 a.m.2 views

CVE-2024-7414

The PDF Builder for WPForms plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.116. This is due to the plugin allowing direct access to the composer-setup.php file which has displayerrors on. This makes it possible for unauthenticated attackers to...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 9:8 a.m.1 views

CVE-2024-6562

The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.5. This is due displayerrors being set to true . This makes it possible for unauthenticated attackers to retrieve the full path of the web...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 9:7 a.m.2 views

CVE-2024-6567

The Ebook Store plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 5.8001. This is due to the plugin utilizing fpdi-protection and not preventing direct access to test files that have displayerrors set to true. This makes it possible for unauthenticat...

5.3CVSS5.9AI score0.00866EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 9:5 a.m.3 views

CVE-2024-5273

Jenkins Report Info Plugin 1.2 and earlier does not perform path validation of the workspace directory while serving report files, allowing attackers with Item/Configure permission to retrieve Surefire failures, PMD violations, Findbugs bugs, and Checkstyle errors on the controller file system by...

4.3CVSS6.8AI score0.00126EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:59 a.m.5 views

CVE-2024-5250

In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations...

5.3CVSS7.1AI score0.00494EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:25 a.m.2 views

CVE-2024-6570

The Glossary plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.2.26. This is due the plugin utilizing wpdesk and not preventing direct access to the test files along with displayerrors being enabled. This makes it possible for unauthenticated...

5.3CVSS5.9AI score0.00563EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:2 a.m.3 views

CVE-2024-6573

The Intelligence plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.0. This is due the plugin not preventing direct access to the /vendor/levelten/intel/realtime/index.php file and displayerrors being enabled. This makes it possible for...

5.3CVSS5.1AI score0.00866EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:0 a.m.4 views

CVE-2024-6547

The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of t...

5.3CVSS6.5AI score0.00866EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:0 a.m.4 views

CVE-2024-6569

The Campaign Monitor for WordPress plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.8.15. This is due the plugin not properly restricting direct access to /forms/views/admin/create.php and displayerrors being enabled. This makes it possible for...

5.3CVSS5.1AI score0.00866EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 5:52 a.m.3 views

CVE-2023-22470

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error can be generated potentially causing a DoS when performed multiple times. There are currently no known workarounds. It is recommended that t...

6.5CVSS6.8AI score0.00249EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 5:38 a.m.2 views

CVE-2023-26052

Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated...

5.3CVSS6.7AI score0.00179EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 4:40 a.m.3 views

CVE-2023-0565

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10...

5.5CVSS6.8AI score0.00207EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 4:32 a.m.4 views

CVE-2023-5723

An attacker with temporary script access to a site could have set a cookie containing invalid characters using document.cookie that could have led to unknown errors. This vulnerability affects Firefox 119...

5.3CVSS6AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 4:26 a.m.3 views

CVE-2023-44099

Vulnerability of data verification errors in the kernel module. Successful exploitation of this vulnerability may cause WLAN interruption...

7.5CVSS6.8AI score0.00099EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:48 a.m.5 views

CVE-2023-3229

Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...

6.5CVSS6.8AI score0.00091EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:2 a.m.1 views

CVE-2023-1887

Business Logic Errors in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.3CVSS6.7AI score0.00304EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:0 a.m.6 views

CVE-2023-1542

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

8.1CVSS6.7AI score0.00309EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 2:59 a.m.2 views

CVE-2023-1541

Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...

6CVSS6.7AI score0.00314EPSS
Exploits1References1
Rows per page
Query Builder