7 matches found

OSV
added 2026/06/03 9:14 p.m. · 5 views

GHSA-2J5P-7P5M-CVQR Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands

Impact: The LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation. Attackers could craft malicious LaTeX documents with path traversal sequences (e.g., ../../../etc/passwd) to: - Read arbitrary files from the file system accessible to the...

CVSS 5.5 · AI score 5.9
Exploits 0 · References 3
Tenable Nessus
added 2026/01/16 12:0 a.m. · 2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001046)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001046 advisory. The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service ho...

CVSS 5.2 · AI score 6.9 · EPSS 0.00086
Exploits 1 · References 13
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2021-15609

Malware in sbrugna...

CVSS 9.8 · AI score 9.4 · EPSS 0.06673
Exploits 0 · References 3
RedhatCVE
added 2025/07/23 7:3 a.m. · 7 views

CVE-2025-24938

The web application allows user input to pass unfiltered to a command executed on the underlying operating system. An attacker with high-privileged (administrator) access to the application has the potential to execute commands on the operating system under the context of the webserver. The vulnerable...

CVSS 8.4 · AI score 7.4 · EPSS 0.00139
Exploits 0 · References 1
Positive Technologies
added 2023/03/27 12:0 a.m. · 5 views

PT-2023-8668 · Unknown · Mailsherlock

Name of the Vulnerable Software and Affected Versions: MailSherlock (affected versions not specified). Description: The issue is related to insufficient filtering for user input in the MailSherlock query function for connection logs. This allows an authenticated remote attacker with administrator...

CVSS 8.3 · AI score 7 · EPSS 0.00688
Exploits 0 · References 3
CVE
added 2009/03/30 10:0 p.m. · 81 views

CVE-2009-1171

The vulnerability CVE-2009-1171 affects Moodle’s TeX filter in Moodle 1.6 (before 1.6.9+), 1.7 (before 1.7.7+), 1.8 (before 1.8.9), and 1.9 (before 1.9.5). A user-assisted attacker can cause LaTeX to read and include arbitrary files by crafting an input command within a "$${...}$" sequence. This l...

CVSS 4.3 · AI score 7.3 · EPSS 0.09728
Exploits 1 · References 14 · Affected Software 1
CERT
added 2002/04/02 12:0 a.m. · 255 views

ibrow NewsDesk does not securely handle input passed to open()

Overview: A vulnerability in ibrow NewsDesk allows an attacker to view files and execute operating system commands with the privileges of the web server. Description: ibrow NewsDesk is a Perl CGI script that is designed to create and display news articles on a web site. The code for NewsDesk is...

CVSS 5 · AI score 6.7 · EPSS 0.03463
Exploits 1 · References 9