Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:47 p.m.9 views

CVE-2026-9247

Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry without triggering the unseal notification to administrators via a crafted export request. This issue affects : Devolutions Server 2026.1.6.0 throug...

2.4CVSS5.4AI score0.00157EPSS
Exploits0References1
CVE
CVEadded 2026/05/22 3:23 p.m.20 views

CVE-2026-9247

CVE-2026-9247: Insufficient logging in Devolutions Server’s entry export feature allows an authenticated user with export permissions to export a sealed entry without triggering the unseal notification. Affected: Devolutions Server 2026.1.6.0–2026.1.16.0 and 2025.3.20.0 and earlier. Root cause: l...

2.4CVSS5.8AI score0.00157EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2025/12/10 12:0 a.m.25 views

PT-2025-50332

Hi All, Looking at the Action1 reports, and unable to see anything which would be useful to for reporting from for the vulnerability of devices. I'm looking for an export with the data similar to the below DeviceName, CveId, Severity, CVSS, PatchAvailable, Product, OS, LastSeen PC-001,...

6.5CVSS6.8AI score0.01593EPSS
Exploits13References1
RedhatCVE
RedhatCVEadded 2025/05/23 5:8 a.m.6 views

CVE-2023-50448

In ActiveAdmin aka Active Admin before 2.12.0, a concurrency issue allows a malicious actor to access potentially private data that belongs to another user by making CSV export requests at certain specific times...

6.5CVSS6.7AI score0.00496EPSS
Exploits0
VulnCheck KEV
VulnCheck KEVadded 2023/11/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-24931

The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccpid parameter of the ayssccpresultsexportfile AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an SQL injection...

9.8CVSS7.3AI score0.78812EPSS
Exploits7References1
VulnCheck KEV
VulnCheck KEVadded 2023/11/13 12:0 a.m.4 views

VulnCheck KEV: CVE-2022-39960

The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...

5.3CVSS6AI score0.2568EPSS
Exploits1References1
Metasploit
Metasploitadded 2022/09/14 7:50 p.m.536 views

SuiteCRM authenticated SQL injection in export functionality

This module exploits an authenticated SQL injection in SuiteCRM in versions before 7.12.6. The vulnerability allows an authenticated attacker to send specially crafted requests to the export entry point of the application in order to retrieve all the usernames and their associated password from t...

9.1CVSS7.1AI score0.0191EPSS
Exploits2
Rows per page
Query Builder