Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Positive Technologies
Positive Technologiesadded 2026/02/28 12:0 a.m.6 views

PT-2026-22464

Name of the Vulnerable Software and Affected Versions WP Mail Logging versions prior to 1.15.1 Description The WP Mail Logging plugin for WordPress is susceptible to PHP Object Injection in versions up to and including 1.15.0. This occurs due to the deserialization of untrusted input from the ema...

7.5CVSS7.1AI score0.00072EPSS
Exploits0References10
Trellix
Trellixadded 2025/07/28 12:0 a.m.2 views

Let’s Be Objective: A Deep Dive into 0bj3ctivityStealer's Features

Let’s Be Objective: A Deep Dive into 0bj3ctivityStealer's Features By Ernesto Fernández Provecho · July 28, 2025 The infostealer landscape keeps evolving year over year, and we are beginning to observe new features, targeting more applications and data, and the implementation of new obfuscation a...

7AI score
Exploits0
OSV
OSVadded 2025/01/22 8:15 a.m.1 views

CVE-2025-0428

The "AI Power: Complete AI Pack" plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.8.96 via deserialization of untrusted input from the $form'postcontent' variable through the wpaicgexportprompts function. This allows authenticated attackers, with...

7.2CVSS7.5AI score0.00358EPSS
Exploits0References2
The Hacker News
The Hacker Newsadded 2023/06/27 2:10 p.m.2 views

New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain

Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution chain to deliver an unknown payload to targeted systems. "The packages in question seem to be published in pairs, each pair working in unison to fetch additional resources...

6.6AI score
Exploits0
Securelist
Securelistadded 2022/07/25 10:0 a.m.30 views

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

Introduction Rootkits are malware implants which burrow themselves in the deepest corners of the operating system. Although on paper they may seem attractive to attackers, creating them poses significant technical challenges and the slightest programming error has the potential to completely cras...

0.8AI score
Exploits0
exploitpack
exploitpackadded 2017/07/18 12:0 a.m.26 views

Hashicorp vagrant-vmware-fusion 4.0.20 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 4.0.20 - Local Privilege Escalation I'm a big fan of Hashicorp but this is an awful bug to have in software of their calibre. Their vagrant plugin for vmware fusion uses a product called Ruby Encoder to protect their proprietary ruby code. It does this by turning t...

0.8AI score
Exploits0
Rows per page
Query Builder