Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Rapid7 Blog
Rapid7 Blogadded 2025/03/25 3:12 p.m.25 views

Notable vulnerabilities in Next.js (CVE-2025-29927) and CrushFTP

Rapid7 is warning customers of two notable unrelated vulnerabilities in Next.js, a React framework for building web applications, and CrushFTP, a file transfer technology that has previously been targeted by adversaries. CVE-2025-29927 is a critical improper authorization vulnerability in Next.js...

9.8CVSS9.9AI score0.92118EPSS
Exploits63
HackRead
HackReadadded 2024/04/25 11:48 a.m.13 views

Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit

By Deeba Ahmed Popular File Transfer Software Hit by Zero-Day Exploit: Millions Potentially Exposed - Install Patches Right Now! This is a post from HackRead.com Read the original post: Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit...

7.3AI score
Exploits0
Malwarebytes
Malwarebytesadded 2024/02/14 2:47 p.m.15 views

How ransomware changed in 2023

In 2023, the CL0P ransomware gang broke the scalability barrier and shook the security world with a series of short, automated campaigns, hitting hundreds of unsuspecting targets simultaneously with attacks based on zero-day exploits. The gangs novel approach challenged a bottleneck that makes it...

7.2AI score
Exploits0
Malwarebytes
Malwarebytesadded 2023/06/06 1:0 a.m.369 views

Cl0p ransomware gang claims first victims of the MOVEit vulnerability

On Friday June 2, 2023 we reported about a MOVEit Transfer vulnerability that was actively being exploited. If your organization uses MOVEit Transfer and you havent patched yet, it really is time to move it. Excuse the bad pun, but yesterday we saw the first victims of this vulnerability come...

7.5CVSS8.2AI score0.94254EPSS
Exploits15
CNVD
CNVDadded 2021/02/05 12:0 a.m.9 views

SolarWinds Serv-U FTP Server Cross-Site Scripting Vulnerability (CNVD-2021-14805)

SolarWinds Serv-U FTP Server is a set of U.S. SolarWinds FTP and MFT file transfer software. A cross-site scripting vulnerability exists in SolarWinds Serv-U before 15.2.2, which allows reflection of XSS via authentication.No detailed vulnerability details are available at this time...

5.4CVSS5.4AI score0.04259EPSS
Exploits0References1
seebug.org
seebug.orgadded 2013/12/17 12:0 a.m.23 views

IBM Sterling Connect:Enterprise跨站脚本漏洞

CVE ID:CVE-2013-6327 IBM Sterling Connect是一款点到点文件传输软件,可实现企业内和企业间的大容量、安全可靠的文件交付。 IBM Sterling Connect:Enterprise存在一个未明跨站脚本漏洞,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时可获取敏感信息或者劫持用户会话。 0 IBM Sterling Connect:Enterprise 1.3.0.2 IBM Sterling Connect:Enterprise 1.4.0.0. 厂商补丁: IBM ----- IBM Sterling Connect...

4.3CVSS6.6AI score0.00236EPSS
Exploits1
Rows per page
Query Builder