Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

Positive Technologies
Positive Technologiesadded 6 days ago18 views

PT-2026-50223

In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8CVSS5.6AI score0.00118EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2019-9767

Malware in sbrugna...

9.3CVSS7.5AI score0.04646EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-25272

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00082EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/07/10 7:36 p.m.2 views

CVE-2025-53632 Chall-Manager's scenario decoding process does not check for zip slips

Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario i.e. a zip archive, the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require authentication nor authorization, so anyone can...

8.8CVSS7.3AI score0.00718EPSS
Exploits1References3
Cvelist
Cvelistadded 2025/05/06 7:21 a.m.18 views

CVE-2025-46593

Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability...

5.1CVSS0.00093EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2024/12/10 12:0 a.m.12 views

Adobe FrameMaker 2020 < 16.0.7 (2020.0.7) / Adobe FrameMaker 2022 < 17.0.5 (2022.0.5) Arbitrary Code Execution (APSB24-106)

The version of Adobe FrameMaker installed on the remote Windows host is prior to Adobe FrameMaker 2020 16.0.7 / Adobe FrameMaker 2022 17.0.5. It is, therefore, affected by a vulnerability as referenced in the apsb24-106 advisory. - Adobe Framemaker versions 2020.7, 2022.5 and earlier are affected...

7.8CVSS6.4AI score0.00484EPSS
Exploits0References2
GithubExploit
GithubExploitadded 2024/04/27 1:21 p.m.645 views

Exploit for Path Traversal in Aiohttp

poc-cve-2024-23334 This repository contains a proof of concept...

7.5CVSS7.6AI score0.76875EPSS
Exploits15
ThreatPost
ThreatPostadded 2021/09/22 5:22 p.m.18 views

Unpatched Apple Zero-Day Allows Code Execution

A zero-day security vulnerability in Apple’s macOS Finder system could allow remote attackers to trick users into running arbitrary commands, according to researchers – and a silent patch hasn’t fixed it. For those not in the Apple camp, the macOS Finder is the default file manager and GUI...

7.3AI score
Exploits0References8
EUVD
EUVDadded 2020/10/16 10:17 p.m.4 views

EUVD-2020-8888

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

7.8CVSS7.7AI score0.04342EPSS
Exploits0References3
Hacker One
Hacker Oneadded 2018/02/05 3:27 p.m.19 views

Mail.ru: XSS via Cookie in e.mail.ru

Привет! Нашел stored xss через куку VID. Обычно такое эксплуатируется через mitm. Сама кука не имеет атрибутов secure и samesite, что дает возможность выставить ее по http на сервере атакующего. Сценарий такой: 1. Жертва находится в сети атакующего 2. DNS сервер сети атакующего резолвит хост...

Exploits0
Rows per page
Query Builder