Lucene search

8 matches found

ATTACKERKB
added 2026/04/20 11:3 p.m. | 1 view

CVE-2026-34082

Dify is an open-source LLM app development platform. Prior to 1.13.1, the method DELETE /console/api/installed-apps//conversations/ has poor authorization checking and allows any Dify-authenticated user to delete someone else's chat history. Version 1.13.1 patches the issue...

5.3 CVSS | 5.7 AI score | 0.00036 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
CVE
added 2025/12/31 6:39 p.m. | 5 views

CVE-2025-34467

CVE-2025-34467 affects ZwiiCMS versions prior to 13.7.00. The issue arises from improper authorization checks combined with flawed resource state management, causing an authenticated low-privilege user to trigger a temporary lock on a targeted resource when requesting an admin page. This lock is ...

5.3 CVSS | 6.2 AI score | 0.00034 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2011-5239

Malware in sbrugna...

10 CVSS | 6.4 AI score | 0.63667 EPSS
Exploits: 0 | References: 7
Vulnrichment
added 2025/06/23 8:47 a.m. | 2 views

CVE-2024-3511 Incorrect Authorization in Multiple WSO2 Products Allows Unauthorized Access to Registry Versioned Files

An incorrect authorization vulnerability exists in multiple WSO2 products that allows unauthorized access to versioned files stored in the registry. Due to flawed authorization logic, a malicious actor with access to the management console can exploit a specific bypass method to retrieve versione...

4.3 CVSS | 4.5 AI score | 0.00145 EPSS
Exploits: 0 | References: 1
CVE
added 2025/06/23 8:47 a.m. | 15 views

CVE-2024-3511

CVE-2024-3511 concerns an incorrect authorization flaw affecting multiple WSO2 products that allows unauthorized access to versioned files stored in the registry. The root cause is flawed authorization logic that enables bypass via the management console to retrieve versioned files without proper...

4.3 CVSS | 4.5 AI score | 0.00145 EPSS
Exploits: 0 | References: 1 | Affected Software: 6
Positive Technologies
added 2025/06/23 12:0 a.m. | 1 view

PT-2025-26582

Name of the Vulnerable Software and Affected Versions: WSO2 products (affected versions not specified). Description: An incorrect authorization issue exists, allowing unauthorized access to versioned files stored in the registry. This is due to flawed authorization logic, which can be exploited by a...

4.3 CVSS | 5.8 AI score | 0.00145 EPSS
Exploits: 0 | References: 5
CNNVD
added 2022/12/20 12:0 a.m. | 2 views

IBM Financial Transaction Manager Security Vulnerability

IBM Financial Transaction Manager is a financial transaction manager from International Business Machines (IBM). The product is primarily used to monitor, track and report on financial payments and transactions. A security vulnerability exists in IBM Financial Transaction Manager version 3.2.4, whi...

5.3 CVSS | 5.8 AI score | 0.00139 EPSS
Exploits: 0 | References: 3
Tenable Nessus
added 2012/06/21 12:0 a.m. | 32 views

GLSA-201204-06 : PolicyKit: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201204-06 (PolicyKit: Multiple vulnerabilities). Multiple vulnerabilities have been found in PolicyKit: Error messages in the pkexec utility disclose the existence of local files (CVE-2010-0750). The pkexec utility initially checks the...

6.9 CVSS | 6.6 AI score | 0.05537 EPSS
Exploits: 18 | References: 4