Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

OSV
OSVadded 2026/02/17 1:16 p.m.2 views

CVE-2026-2615

A flaw has been found in Wavlink WL-NU516U1 up to 20251208. The affected element is the function singlePortForwardDelete of the file /cgi-bin/firewall.cgi. Executing a manipulation of the argument delflag can lead to command injection. The attack may be launched remotely. The exploit has been...

8.6CVSS5.5AI score
Exploits0References5
Cvelist
Cvelistadded 2026/01/22 1:2 p.m.25 views

CVE-2026-1325 Sangfor Operation and Maintenance Security Management System edit_pwd_mall password recovery

A security flaw has been discovered in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function editpwdmall of the file /fort/login/editpwdmall. The manipulation of the argument flag results in weak password recovery. It is possible to launch the attack...

6.9CVSS0.00063EPSS
Exploits1References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/11 8:11 p.m.1 views

Malicious code in real_iguana_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8048391f2ddf63fee5885cc2f0ca485f36210c0341256a59aea18c86675e17a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSVadded 2025/11/10 3:15 a.m.0 views

CVE-2025-12927

A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archivesadd.php. Such manipulation of the argument flags leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may b...

7.2CVSS5.7AI score
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2007-3114

Malware in sbrugna...

5CVSS6.1AI score0.02666EPSS
Exploits0References16
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2019-10954

Malware in sbrugna...

4.3CVSS4.9AI score0.0018EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-31143

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00581EPSS
Exploits1References6
OSV
OSVadded 2025/09/12 8:15 p.m.0 views

CVE-2025-10324

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects the function sub401C5C of the file firewall.cgi. This manipulation of the argument pingFrmWANFilterEnabled/blockSynFloodEnabled/blockPortScanEnabled/remoteManagementEnabled causes command injection. It is possible to initia...

9.8CVSS5.7AI score
Exploits0References4
Cvelist
Cvelistadded 2022/12/27 10:42 p.m.17 views

CVE-2019-25091 nsupdate.info CSRF Cookie base.py cookie httponly flag

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRFCOOKIEHTTPONLY leads to cookie without 'httponly' flag. It is possible to...

3.7CVSS5.3AI score0.00253EPSS
Exploits0References4
0day.today
0day.todayadded 2019/01/20 12:0 a.m.52 views

Microsoft Edge Chakra - JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode

/ The JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode method is used to execute JsBuiltIn.js which initializes some builtin objects. Because it's essentially written in JavaScript, it needs to clear the disable-implicit-call flag before calling the JavaScript code, otherwise i...

7.6CVSS0.1AI score0.81478EPSS
Exploits11
Rows per page
Query Builder