Lucene search

8 matches found

CVE
added 2026/02/09 7:33 p.m. | 14 views

CVE-2026-25492

Craft CMS versions 3.5.0–4.16.17 and 5.0.0-RC1–5.8.21 are affected. The save_images_Asset GraphQL mutation can be abused to fetch internal URLs by supplying a domain resolving to an internal IP, bypassing hostname validation. If a non-image file extension (e.g., .txt) is allowed, downstream image...

CVSS 6.5 | AI score 5.5 | EPSS 0.00419
Exploits: 1 | References: 3 | Affected Software: 1
Tenable Nessus
added 2026/01/22 12:0 a.m. | 4 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-46809)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46809 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check BIOS images befor...

CVSS 5.5 | AI score 6 | EPSS 0.00237
Exploits: 0 | References: 2
Cvelist
added 2025/09/24 5:12 p.m. | 9 views

CVE-2025-20313

Multiple vulnerabilities in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. These vulnerabilities are due path...

CVSS 6.7 | EPSS 0.0018
Exploits: 0 | References: 1
VulnCheck KEV
added 2025/03/19 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2023-2359

The Slider Revolution WordPress plugin through 6.6.12 does not check for valid image files upon import, leading to an arbitrary file upload which may be escalated to Remote Code Execution in some server configurations...

CVSS 8.8 | AI score 5.9 | EPSS 0.0254
Exploits: 2 | References: 1
PyPA
added 2023/11/14 9:15 p.m. | 4 views

PYSEC-2023-304

vantage6 is a framework to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). In affected versions a node does not check if an image is allowed to run if a parentid is set. A malicious party that breaches the server may modify it to set a...

CVSS 8.8 | AI score 6.9 | EPSS 0.00446
Exploits: 0 | References: 3 | Affected Software: 1
PyPA
added 2023/11/14 9:15 p.m. | 4 views

PYSEC-2023-303

vantage6 is a framework to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). In affected versions a node does not check if an image is allowed to run if a parentid is set. A malicious party that breaches the server may modify it to set a...

CVSS 8.8 | AI score 6.9 | EPSS 0.00446
Exploits: 0 | References: 3 | Affected Software: 1
Kitploit
added 2020/05/02 9:30 p.m. | 70 views

Klar - Integration Of Clair And Docker Registry

Integration of Clair and Docker Registry (supports both Clair API v1 and v3). Klar is a simple tool to analyze images stored in a private or public Docker registry for security vulnerabilities using Clair (https://github.com/coreos/clair). Klar is designed to be used as an integration tool so it relie...

AI score 7.4
Exploits: 0 | References: 3
Virtuozzo
added 2020/03/31 12:0 a.m. | 106 views

Product update: Virtuozzo 7.0 Update 13 (7.0.13-298)

The Update 13 for Virtuozzo 7.0 introduces new features and provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1062.12.1.vz7.131.10. Vulnerability id: PSBM-95072 'pstorage-target' files are left over after successful migrations of VMs on Virtuozzo Storage from...

AI score 7.1
Exploits: 0