Lucene search

7 matches found

Positive Technologies
added 2026/05/21 12:0 a.m. · 4 views

PT-2026-42513

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses (InstaMapper and Google Latitude integration) are concatenated into...

CVSS 8.8 · AI score 5.9 · EPSS 0.00044
Exploits: 0 · References: 4
Tenable Nessus
added 2026/01/21 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-10569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed...

CVSS 6.5 · AI score 5.7 · EPSS 0.00033
Exploits: 0 · References: 2
OSV
added 2025/07/15 6:4 p.m. · 1 views

GHSA-JJWR-5CFH-7XWH DSpace is vulnerable to XML External Entity injection during archive imports

Impact: Two related XXE injection possibilities have been discovered, impacting all versions of DSpace prior to 7.6.4, 8.2 and 9.1. 1. External entities are not disabled when parsing XML files during import of an archive in Simple Archive Format, either from command-line ./dspace import command or...

CVSS 6.9 · AI score 6 · EPSS 0.00283
Exploits: 0 · References: 9
Positive Technologies
added 2024/01/22 12:0 a.m. · 1 views

PT-2024-1240 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.0.8
Description: The issue is related to the Splunk RapidDiag utility, which discloses server responses from external applications in a log file due to insufficient protection of registration data. This...

CVSS 5.3 · AI score 7.4 · EPSS 0.00229
Exploits: 0 · References: 8
OSV
added 2023/08/02 1:15 p.m. · 1 views

CVE-2023-26450

The "OX Count" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker...

CVSS 5.4 · AI score 5.9
Exploits: 0 · References: 4
OSV
added 2023/08/02 1:15 p.m. · 3 views

CVE-2023-26449

The "OX Chat" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker...

CVSS 5.4 · AI score 5.8 · EPSS 0.00188
Exploits: 0 · References: 4
CNNVD
added 2023/08/02 12:0 a.m. · 2 views

Open-Xchange AppSuite Cross-Site Scripting Vulnerability

Open-Xchange AppSuite is a set of Web cloud desktop environments from Open-Xchange Germany. The environment allows users to more intuitively manage email, tasks, files, and more. A security vulnerability exists in Open-Xchange AppSuite that stems from the OX Count web service not specifying a med...

CVSS 5.4 · AI score 6.7 · EPSS 0.00188
Exploits: 0 · References: 7