9 matches found

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2021-6516

Malicious code in bioql PyPI...

10 CVSS | 9.4 AI score | 0.00154 EPSS
Exploits: 0 | References: 1

Github Security Blog
added 2025/08/18 6:46 p.m. | 3 views

Claude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude Code

Due to an overly broad allowlist of safe commands, it was possible to bypass the Claude Code confirmation prompts to read a file and then send file contents over the network without user confirmation. Reliably exploiting this requires the ability to add untrusted content into a Claude Code contex...

7.5 CVSS | 7.2 AI score | 0.00137 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Hacker One
added 2024/09/16 10:7 a.m. | 2 views

HackerOne: Issue with VDP Program's Transition to Private Status and Missing Warning Labels on ORG Invitation

Vulnerability description not provided...

7.1 AI score
Exploits: 0

Hacker One
added 2023/02/24 3:9 p.m. | 149 views

HackerOne: information disclosure of another company bug on video.

An information disclosure vulnerability was discovered in a company's system and reported on a bug bounty platform. The vulnerability allowed access to sensitive information about the company and its subdomain. The vulnerability was disclosed publicly, potentially causing harm to the affected...

6.4 AI score
Exploits: 0

Prion
added 2022/01/14 8:15 p.m. | 13 views

Design/Logic Flaw

Hacker one bug ID: 1343975 Product: Android Versions: Android SoC Android ID: A-204256722...

10 CVSS | 8 AI score | 0.00154 EPSS
Exploits: 0 | References: 1

OSV
added 2022/01/01 12:0 a.m. | 8 views

ASB-A-204256722

Hacker one bug ID: 1343975...

10 CVSS | 7 AI score | 0.00154 EPSS
Exploits: 0 | References: 1

0day.today
added 2017/11/27 12:0 a.m. | 266 views

WordPress WPDB SQL Injection Vulnerability

Exploit for php platform in category web applications. Today, a significant SQL-Injection vulnerability was fixed in WordPress 4.8.3. Before reading further, if you haven’t updated yet, stop right now and update. The foundations of this vulnerability were reported via Hacker-One on September 20th,...

7.1 AI score
Exploits: 0

Hacker One
added 2016/07/20 4:2 p.m. | 68 views

Harvest: CSRF token fixation in Sign in with Google

Hi, there is CSRF token fixation in Sign in with Google at https://id.getharvest.com/sessions/new . The state parameter is same for any time login: https://id.getharvest.com/oauth2/callback?state=%7B%22intent%22:%22sign-in%22%7D&code=code . Steps to reproduce: 1. Go to...

0.1 AI score
Exploits: 0

Hacker One
added 2015/02/18 5:46 p.m. | 70 views

Internet Bug Bounty: Bad Write in TTF font parsing (win32k.sys)

This bug was originally reported through Project Zero at Google. Alex Rice suggested to me that I could potentially receive a bounty through Hacker One, so I am also opening a report here. The vulnerability reference numbers are MS15-010, CVE-2015-0059. The original bug report is...

6.9 CVSS | 6.2 AI score | 0.36366 EPSS
Exploits: 0