Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

ATTACKERKB
ATTACKERKBadded 2026/05/26 4:22 p.m.7 views

CVE-2026-47715

Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink issue event pages accept a direct event identifier from the URL and, in affected versions, look up that event without also requiring it to belong to the issue in the URL. This is a project-boundary authorization issue: a...

3.1CVSS5.8AI score0.00028EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVEadded 2025/05/23 10:13 a.m.5 views

CVE-2024-40597

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose suppressed information for log events. The logdeleted attribute is not respected...

7.5CVSS6.7AI score0.00382EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 7:31 a.m.6 views

CVE-2024-40598

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. The logdeleted attribute is not applied to entries...

4.3CVSS6.6AI score0.00145EPSS
Exploits0References1
NVD
NVDadded 2025/02/13 10:15 p.m.14 views

CVE-2025-25195

Zulip is an open source team chat application. A weekly cron job added in 50256f48314250978f521ef439cafa704e056539 demotes channels to being "inactive" after they have not received traffic for 180 days. However, upon doing so, an event was sent to all users in the organization, not just users in...

4.3CVSS0.00191EPSS
Exploits0References4
OSV
OSVadded 2024/09/06 10:14 a.m.13 views

SUSE-SU-2024:3157-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Update to Firefox Extended Support Release 128.2.0 ESR bsc1229821 - CVE-2024-8381: Type confusion when looking up a property name in a 'with' block - CVE-2024-8382: Internal event interfaces were exposed to web content when browser...

9.8CVSS9.1AI score0.11622EPSS
Exploits1References9
Positive Technologies
Positive Technologiesadded 2024/07/06 12:0 a.m.3 views

PT-2024-28933 · Mediawiki · Mediawiki Checkuser Extension

Name of the Vulnerable Software and Affected Versions: MediaWiki CheckUser extension versions through 1.42.1 Description: An issue was discovered in the CheckUser extension for MediaWiki. It can expose suppressed information for log events, as the log deleted attribute is not respected...

7.5CVSS5.9AI score0.00382EPSS
Exploits0References11
OSV
OSVadded 2016/03/25 6:38 a.m.15 views

MGASA-2016-0122 Updated moodle packages fix security vulnerability

In Moodle before 2.8.11, teachers who otherwise were not supposed to see students' emails could see them in the participants list CVE-2016-2151. In Moodle before 2.8.11, Moodle traditionally trusted content from external DB, however it was decided that external datasources may not be aware of web...

8.8CVSS5.2AI score0.00437EPSS
Exploits0References14
Rows per page
Query Builder