
9 matches found

Snyk
added 2026/04/06 6:3 p.m., 0 views

Missing Authentication for Critical Function

Overview: vite is a Native-ESM powered web dev build tool. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the fetchModule method exposed through the WebSocket interface when the server is explicitly exposed to the network and WebSocket is enable...

CVSS 8.2, AI score 5.9, EPSS 0.08748
Exploits: 3, References: 2
RedhatCVE
added 2025/09/10 11:17 p.m., 1 view

CVE-2025-58752

A path traversal / static-file serving bypass vulnerability has been identified in Vite’s static file server, where HTML files located outside the configured root or deny/allow lists may be served even when server.fs settings such as deny are used. An attacker can exploit this by requesting HTML...

CVSS 5.3, AI score 6.6, EPSS 0.00026
Exploits: 1, References: 8
Cvelist
added 2025/08/21 4:29 a.m., 7 views

CVE-2025-53505

Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a path traversal vulnerability. If this vulnerability is exploited, information on the server hosting the product may be exposed...

CVSS 5.3, EPSS 0.00078
Exploits: 0, References: 2
Exploit DB
added 2023/04/08 12:0 a.m., 267 views

Lucee Scheduled Job v1.0 - Command Execution

Exploit Title: Lucee Scheduled Job v1.0 - Command Execution; Date: 3-23-2012; Exploit Author: Alexander Philiotis; Vendor Homepage: https://www.lucee.org/; Software Link: https://download.lucee.org/; Version: All versions with scheduled jobs enabled; Tested on: Linux - Debian, Lubuntu & Windows 10; Ref ...

AI score 7
Exploits: 0
Hacker One
added 2023/03/08 6:35 a.m., 10 views

8x8: Unprotected Atlantis Server at https://132.226.█.█

Vulnerability description not provided...

AI score 7.1
Exploits: 0
Hacker One
added 2022/12/05 4:26 p.m., 60 views

8x8: Unprotected Atlantis Server at https://152.70.█.█

Atlantis is an application for automating Terraform via pull requests. @shuvam321 reported to us an exposed Atlantis test server in our infrastructure. No sensitive information had been disclosed & we restricted access to the Atlantis service entirely, which resolved the issue...

AI score 1.1
Exploits: 0
OSV
added 2022/08/26 12:15 a.m., 0 views

CVE-2022-36121

An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the UpdateOfflineHelpData...

CVSS 5.3, AI score 6.1
Exploits: 0, References: 3
OSV
added 2021/06/08 7:15 p.m., 0 views

CVE-2020-28713

Incorrect access control in push notification service in Night Owl Smart Doorbell FW version 20190505 allows remote users to send push notification events via an exposed PNS server. A remote attacker can passively record push notification events which are sent over an insecure web request. The we...

CVSS 6.5, AI score 5.8, EPSS 0.00653
Exploits: 1, References: 2
Hacker One
added 2016/09/15 4:8 a.m., 238 views

IRCCloud: Exposed, outdated nginx server (v1.4.6) potentially vulnerable to heap-based buffer overflow & RCE

Summary: During my reconnaissance for your bug bounty program, I discovered an instance of nginx version 1.4.6 running at the IP address https://54.153.101.52. To locate it, I searched for IRCCloud-related certificates and found the self-signed certificate for this server...

CVSS 7.5, AI score 9.6, EPSS 0.18581
Exploits: 1