
6 matches found

Tenable Nessus
added 2024/05/11 12:0 a.m., 26 views

RHEL 7 : xstream (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - XStream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulati...

9.2 AI score, 0.9368 EPSS
Exploits: 14, References: 10
Cvelist
added 2023/10/20 7:29 a.m., 14 views

CVE-2020-36754 Paid Memberships Pro <= 2.4.2 - Cross-Site Request Forgery Bypass

The Paid Memberships Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.2. This is due to missing or incorrect nonce validation on the pmpropagesave function. This makes it possible for unauthenticated attackers to save pages via a forged...

4.3 CVSS, 4.2 AI score, 0.00139 EPSS
Exploits: 1, References: 9
Mageia
added 2021/07/25 2:45 p.m., 69 views

Updated xstream packages fix security vulnerabilities

In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream CVE-2021-21341...

9.9 CVSS, 4.1 AI score, 0.92 EPSS
Exploits: 11, References: 5
CNVD
added 2018/12/19 12:0 a.m., 1 views

IBM Event Streams Privilege Acquisition Vulnerability

IBM Event Streams is an event streaming platform from IBM (USA), based on the Apache Kafka project. The platform is mainly used for Apache Kafka deployment, authentication, encrypted communication and other functions. A security vulnerability exists in IBM Event Streams. A remote attacker can...

5.3 CVSS, 7.2 AI score, 0.0013 EPSS
Exploits: 0, References: 1
CNVD
added 2018/06/19 12:0 a.m., 2 views

Linaro LAVA Information Disclosure Vulnerability

Linaro LAVA is an automated verification system. The system is primarily used to test the deployment of device systems based on ARM cores. A security vulnerability exists in Linaro LAVA versions prior to 2018.5.post1. An attacker can exploit this vulnerability by forging an HTTP request to force...

6.5 CVSS, 6.3 AI score, 0.00308 EPSS
Exploits: 0, References: 1
Hacker One
added 2017/12/28 12:31 a.m., 14 views

New Relic: User to Admin privilege escalation in Infrastructure Conditions - /v2/accounts/1835740/alerts/conditions

Details The endpoints POST /v2/accounts/:accountid/alerts/conditions create new and PUT /v2/accounts/:accountid/alerts/conditions/:conditionid update existing on infrastructure-alert.service.newrelic.com are vulnerable to privilege escalation. As per the screenshot below, an account with regular...

0.2 AI score
Exploits: 0