Lucene search

9 matches found

Positive Technologies
added 2026/05/29 12:0 a.m. · 8 views

PT-2026-45060

Summary Type: Insecure Direct Object Reference. The dependency endpoints POST/GET /workspaces/workspace id/issues/issue id/dependencies and DELETE .../dependencies/dep id gate access on require workspace memberworkspace id only, then dispatch to DependencyService calls that take URL/body-supplied...

CVSS 8.1 · AI score 5.9 · EPSS 0.00032
Exploits: 0 · References: 3

NVD
added 2026/03/18 2:16 p.m. · 1 views

CVE-2026-32694

In Juju from version 3.0.0 through 3.6.18, when a secret owner grants permissions to a secret to a grantee, the secret owner relies exclusively on a predictable XID of the secret to verify ownership. This allows a malicious grantee which can request secrets to predict past secrets granted by the...

CVSS 6.6 · EPSS 0.00269
Exploits: 1 · References: 1

RedhatCVE
added 2026/02/09 1:33 a.m. · 4 views

CVE-2026-25563

WeKan versions prior to 8.19 contain an insecure direct object reference (IDOR) in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers...

CVSS 7.5 · AI score 5.3 · EPSS 0.0028
Exploits: 0 · References: 1

OSV
added 2026/02/07 10:16 p.m. · 4 views

CVE-2026-25563

WeKan versions prior to 8.19 contain an insecure direct object reference (IDOR) in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers...

CVSS 7.5 · AI score 5.3
Exploits: 0 · References: 3

CNNVD
added 2026/01/28 12:0 a.m. · 3 views

Oneflow security vulnerabilities

Oneflow is an open-source deep learning framework developed by Oneflow. Version 0.9.0 of Oneflow contains a security vulnerability, which stems from a flaw in GPU device ID verification. This vulnerability could lead to denial-of-service attacks...

CVSS 7.5 · AI score 5.8 · EPSS 0.00577
Exploits: 1 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2022-6695

Malicious code in bioql PyPI...

CVSS 8.1 · AI score 8 · EPSS 0.00583
Exploits: 0 · References: 4

Positive Technologies
added 2024/06/06 12:0 a.m. · 3 views

PT-2024-34590 · Lunary Ai · Lunary

Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary versions up to and including 1.2.2

Description: An Incorrect Authorization issue exists, allowing unauthenticated users to delete any dataset due to the lack of proper authorization checks in the dataset deletion endpoint. Th...

CVSS 7.5 · AI score 7.8 · EPSS 0.00484
Exploits: 1 · References: 6

SUSE CVE
added 2023/02/15 4:24 a.m. · 4 views

SUSE CVE-2018-16056

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists...

CVSS 7.1 · AI score 7.5 · EPSS 0.03352
Exploits: 0 · References: 11

ATTACKERKB
added 2022/09/02 12:15 p.m. · 3 views

CVE-2022-22061

Out of bounds writing is possible while verifying device IDs due to improper length check before copying the data in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

CVSS 7.8 · AI score 7.1 · EPSS 0.00119
Exploits: 0 · References: 2