Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Cvelist
Cvelistadded 2026/05/13 5:29 p.m.29 views

CVE-2026-44002 vm2: Host File Path Disclosure via Stack Trace Information Leak

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, vm2's CallSite wrapper class intended as a safe wrapper for V8's native CallSite blocks getThis and getFunction to prevent host object leakage, but allows getFileName to return unsanitized host absolute paths. Any sandboxed code can...

5.8CVSS0.00039EPSS
Exploits1References1
OSV
OSVadded 2023/04/03 7:15 p.m.4 views

CVE-2022-4769

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the target path on host when a file is uploaded with an invalid character in its name...

4.3CVSS5.8AI score0.0024EPSS
Exploits0References1
CNNVD
CNNVDadded 2021/08/06 12:0 a.m.3 views

Electron Technologies FZC PopojiCMS 信息泄露漏洞

Electron Technologies FZC PopojiCMS is an open source content management system CMS from Electron Technologies FZC based on the Popoji framework. An information disclosure vulnerability exists in PopojiCMS, which originates from the product upload.php page, where deleting name = file when uploadi...

5.3CVSS5.7AI score0.00194EPSS
Exploits1References1
Rows per page
Query Builder