
5334 matches found

NVD
added 2023/01/27 6:15 p.m., 12 views

CVE-2022-48008

An arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers to execute arbitrary code via a crafted PHP file...

CVSS 9.8 | AI score 9.6 | EPSS 0.0576
Exploits 1 | References 1

OpenVAS
added 2023/01/27 12:0 a.m., 24 views

Ubuntu: Security Advisory (USN-5681-1)

The remote host is missing an update for the...

CVSS 7.8 | AI score 6.5 | EPSS 0.03961
Exploits 2 | References 2

OpenVAS
added 2023/01/27 12:0 a.m., 25 views

Ubuntu: Security Advisory (USN-4768-1)

The remote host is missing an update for the...

CVSS 9.8 | AI score 8.9 | EPSS 0.41417
Exploits 9 | References 2

OpenVAS
added 2023/01/27 12:0 a.m., 28 views

Ubuntu: Security Advisory (USN-4795-1)

The remote host is missing an update for the...

CVSS 9.8 | AI score 9.6 | EPSS 0.24315
Exploits 0 | References 2

OpenVAS
added 2023/01/27 12:0 a.m., 16 views

Ubuntu: Security Advisory (USN-4769-1)

The remote host is missing an update for the...

CVSS 9.8 | AI score 7.6 | EPSS 0.01854
Exploits 0 | References 2

OSV
added 2023/01/26 9:15 p.m., 11 views

CVE-2021-36686

Cross Site Scripting (XSS) vulnerability in yapi 1.9.1 allows attackers to execute arbitrary code via the /interface/api edit page...

CVSS 5.4 | AI score 5.4
Exploits 0 | References 2

NVD
added 2023/01/26 6:59 p.m., 6 views

CVE-2022-42414

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 5.5 | AI score 4 | EPSS 0.00298
Exploits 0 | References 2

NVD
added 2023/01/26 6:59 p.m., 17 views

CVE-2022-41145

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 5.5 | AI score 4 | EPSS 0.00209
Exploits 0 | References 2

Prion
added 2023/01/26 6:59 p.m., 13 views

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 1.9 | AI score 5.2 | EPSS 0.00209
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2023/01/26 12:0 a.m., 11 views

CVE-2022-42413

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 3.3 | AI score 5.5 | EPSS 0.00209
Exploits 0 | References 2

Cvelist
added 2023/01/26 12:0 a.m., 11 views

CVE-2022-42390

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 3.3 | AI score 5.5 | EPSS 0.00209
Exploits 0 | References 2

Cvelist
added 2023/01/26 12:0 a.m., 11 views

CVE-2022-42407

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 3.3 | AI score 5.5 | EPSS 0.00209
Exploits 0 | References 2

Prion
added 2023/01/23 10:15 p.m., 11 views

Cross site scripting

Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter...

CVSS 4.9 | AI score 5.4 | EPSS 0.00331
Exploits 1 | References 1 | Affected Software 1

Prion
added 2023/01/23 3:15 p.m., 13 views

Stack overflow

UNSUPPORTED WHEN ASSIGNED TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSystemCheck. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This...

CVSS 6.5 | AI score 9 | EPSS 0.01026
Exploits 1 | References 1 | Affected Software 1

OSV
added 2023/01/23 5:15 a.m., 11 views

CVE-2023-23314

An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...

CVSS 8.8 | AI score 7.7
Exploits 0 | References 1

NVD
added 2023/01/23 5:15 a.m., 7 views

CVE-2023-23314

An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...

CVSS 8.8 | AI score 8.8 | EPSS 0.01641
Exploits 1 | References 1

Cvelist
added 2023/01/23 12:0 a.m., 9 views

CVE-2023-23314

An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file...

AI score 9 | EPSS 0.01641
Exploits 1 | References 1

Prion
added 2023/01/20 7:15 p.m., 12 views

Code injection

An issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary code via unverified request to electerms service...

CVSS 7.5 | AI score 9.7 | EPSS 0.00661
Exploits 1 | References 1 | Affected Software 1

Github Security Blog
added 2023/01/20 6:30 p.m., 26 views

XpressEngine vulnerable to Unrestricted Upload of File with Dangerous Type

When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is...

CVSS 9.8 | AI score 3 | EPSS 0.03393
Exploits 0 | References 4 | Affected Software 1

Cvelist
added 2023/01/20 12:0 a.m., 10 views

CVE-2023-23012

Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php...

AI score 6.2 | EPSS 0.00364
Exploits 1 | References 2