
9459 matches found

NVD
added 2023/07/12 10:15 a.m. | 18 views

CVE-2023-30428

Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom HTTP header to produce a message to any topic using the broker's admin role. This issue affects Apache Pulsar Brokers: from 2.9.0 through 2.9.5, from...

8.2 CVSS | 8.1 AI score | 0.0058 EPSS
Exploits: 0 | References: 1

Prion
added 2023/07/12 10:15 a.m. | 21 views

Authorization

Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom HTTP header to produce a message to any topic using the broker's admin role. This issue affects Apache Pulsar Brokers: from 2.9.0 through 2.9.5, from...

5.5 CVSS | 7.9 AI score | 0.0058 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2023/07/12 9:10 a.m. | 20 views

CVE-2023-30428 Apache Pulsar Broker: Incorrect Authorization Validation for Rest Producer

Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom HTTP header to produce a message to any topic using the broker's admin role. This issue affects Apache Pulsar Brokers: from 2.9.0 through 2.9.5, from...

8.2 CVSS | 8.3 AI score | 0.0058 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2023/07/12 9:10 a.m. | 19 views

CVE-2023-30428 Apache Pulsar Broker: Incorrect Authorization Validation for Rest Producer

Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom HTTP header to produce a message to any topic using the broker's admin role. This issue affects Apache Pulsar Brokers: from 2.9.0 through 2.9.5, from...

8.2 CVSS | 6.7 AI score | 0.0058 EPSS
Exploits: 0 | References: 1

ICS
added 2023/07/12 6:0 a.m. | 38 views

Rockwell Automation Select Communication Modules

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: 1756-EN2T, 1756-EN2TK, 1756-EN2TXT, 1756-EN2TP, 1756-EN2TPK, 1756-EN2TPXT, 1756-EN2TR, 1756-EN2TRK, 1756-EN2TRXT, 1756-EN2F, 1756-EN2FK, 1756-EN3TR, 1756-EN3TRK,...

9.8 CVSS | 9.9 AI score | 0.0364 EPSS
Exploits: 0 | References: 8

CNVD
added 2023/07/12 12:0 a.m. | 19 views

Apache Camel Information Disclosure Vulnerability

Apache Camel is an open-source integration framework from the Apache Software Foundation (United States), based on Enterprise Integration Patterns (EIP). The framework provides a Java object (POJO) implementation of Enterprise Integration Patterns, and throug...

3.3 CVSS | 6 AI score | 0.00324 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2023/07/12 12:0 a.m. | 26 views

Ubuntu 20.04 LTS : Firefox vulnerability (USN-6218-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6218-1 advisory. A use-after-free was discovered in Firefox when handling workers. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary...

8.8 CVSS | 8.5 AI score | 0.00542 EPSS
Exploits: 0 | References: 2

ICS
added 2023/07/11 12:0 a.m. | 73 views

Siemens RUGGEDCOM ROX

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely / low attack complexity Vendor: Siemens Equipment: RUGGEDCOM ROX Vulnerabilities: Cleartext Transmission of Sensitive Information, Command Injection, Improper Authentication, Classic Buffer Overflow, Uncontrolled Resource...

10 CVSS | 10 AI score | 0.95764 EPSS
Exploits: 9 | References: 12

Mozilla
added 2023/07/11 12:0 a.m. | 92 views

Security Vulnerabilities fixed in Firefox 115.0.2 and Firefox ESR 115.0.2 — Mozilla

During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash...

8.8 CVSS | 8.5 AI score | 0.00542 EPSS
Exploits: 0 | References: 1 | Affected Software: 2

Prion
added 2023/07/10 4:15 p.m. | 22 views

Code injection

The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user accounts with the role of their choice via their wholesale REST API endpoint. This is only exploitable if the site owner paid to access the plugin's pro features...

7.5 CVSS | 9.4 AI score | 0.01728 EPSS
Exploits: 2 | References: 1 | Affected Software: 1

Prion
added 2023/07/05 10:15 a.m. | 20 views

Design/Logic Flaw

A use-after-free condition existed in NotifyOnHistoryReload where a LoadingSessionHistoryEntry object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox 115...

6.8 CVSS | 8.2 AI score | 0.00496 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

UbuntuCve
added 2023/07/05 10:15 a.m. | 26 views

CVE-2023-37209

A use-after-free condition existed in NotifyOnHistoryReload where a LoadingSessionHistoryEntry object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox 115...

8.8 CVSS | 7.2 AI score | 0.00496 EPSS
Exploits: 0 | References: 5

Debian CVE
added 2023/07/05 9:5 a.m. | 25 views

CVE-2023-37209

A use-after-free condition existed in NotifyOnHistoryReload where a LoadingSessionHistoryEntry object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox 115...

8.8 CVSS | 9.6 AI score | 0.00496 EPSS
Exploits: 0

OpenVAS
added 2023/06/29 12:0 a.m. | 3 views

Mageia: Security Advisory (MGASA-2023-0212)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 AI score
Exploits: 0 | References: 4

ICS
added 2023/06/23 6:0 a.m. | 26 views

SpiderControl SCADAWebServer

1. EXECUTIVE SUMMARY CVSS v3 4.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: SpiderControl Equipment: SCADAWebServer Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition 3. TECHNICAL DETAILS...

6.5 CVSS | 6.7 AI score | 0.00833 EPSS
Exploits: 0 | References: 10

UbuntuCve
added 2023/06/19 10:15 a.m. | 26 views

CVE-2023-29531

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected. This vulnerability affects Firefox 112, Firefox ESR...

9.8 CVSS | 7.2 AI score | 0.00974 EPSS
Exploits: 0 | References: 4

Prion
added 2023/06/19 10:15 a.m. | 14 views

Design/Logic Flaw

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected. This vulnerability affects Firefox 112, Firefox ESR...

7.5 CVSS | 9 AI score | 0.00974 EPSS
Exploits: 0 | References: 4 | Affected Software: 3

Debian CVE
added 2023/06/19 9:48 a.m. | 39 views

CVE-2023-29531

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected. This vulnerability affects Firefox 112, Firefox ESR...

9.8 CVSS | 9 AI score | 0.00974 EPSS
Exploits: 0

AlpineLinux
added 2023/06/19 9:48 a.m. | 20 views

CVE-2023-29531

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected. This vulnerability affects Firefox 112, Firefox ESR...

9.8 CVSS | 9.2 AI score | 0.00974 EPSS
Exploits: 0

Huntr
added 2023/06/17 5:39 p.m. | 11 views

Able to edit users owned by other administration users

Description: Exploiting a vulnerability 'Take ownership' of any user, thereby being able to edit all users. Proof of Concept: Step 1: We have user1 owned by admin1. Step 2: By doing the 'Take ownership' action, the user1 is now owned by admin2. Step 3: Now, admin2 is able to edit user1, and ev...

6.9 AI score
Exploits: 0