
9 matches found

Snyk
added 2026/04/02 9:32 p.m. | 2 views

Incomplete List of Disallowed Inputs

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs through the validateScriptFileForShellBleed process. An attacker can execute unauthorized script content by crafting piped, substituted, or subshell...

5.4 CVSS | 6 AI score | 0.00022 EPSS
Exploits: 0 | References: 2

Snyk
added 2026/04/01 8:29 p.m. | 4 views

Incomplete List of Disallowed Inputs

Overview: changedetection.io is a Website change detection and monitoring service. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the SafeXPath3Parser implementation. An attacker can access sensitive files from the local filesystem by leveraging unblock...

7.1 CVSS | 5.8 AI score | 0.00064 EPSS
Exploits: 0 | References: 2

Snyk
added 2026/02/24 1:27 a.m. | 2 views

Incomplete List of Disallowed Inputs

Overview: Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs (https://github.com/dlemstra/Magick.NET/tree/main/docs). Affected versions of this package...

7.8 CVSS | 6 AI score | 0.00007 EPSS
Exploits: 0 | References: 2

Snyk
added 2026/02/24 1:27 a.m. | 5 views

Incomplete List of Disallowed Inputs

Overview: Magick.NET-Q8-x86 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs (https://github.com/dlemstra/Magick.NET/tree/main/docs). Affected versions of this package are...

7.8 CVSS | 6 AI score | 0.00007 EPSS
Exploits: 0 | References: 2

ATTACKERKB
added 2026/02/19 12:2 p.m. | 2 views

CVE-2019-25404

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. Attackers can inject script payloads in the adminname, name, and surname parameters via...

6.4 CVSS | 5.2 AI score | 0.00018 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

CNNVD
added 2024/06/10 12:0 a.m. | 2 views

SuiteCRM Security Breach

SuiteCRM is a customer relationship management system from the SuiteCRM team. A security vulnerability exists in SuiteCRM that stems from allowing unauthenticated IFrames to be added to certain inputs, leading to cross-site scripting attacks...

9 CVSS | 6.2 AI score | 0.00793 EPSS
Exploits: 0 | References: 2

ATTACKERKB
added 2023/09/05 5:15 p.m. | 0 views

CVE-2023-3374

Incomplete List of Disallowed Inputs vulnerability in Unisign Bookreen allows Privilege Escalation. This issue affects Bookreen: before 3.0.0...

9.8 CVSS | 7.3 AI score | 0.00123 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2023/09/05 4:29 p.m. | 7 views

CVE-2023-3374 Privilege Escalation in Bookreen

Incomplete List of Disallowed Inputs vulnerability in Unisign Bookreen allows Privilege Escalation. This issue affects Bookreen: before 3.0.0...

9.8 CVSS | 7.3 AI score | 0.00123 EPSS
Exploits: 0 | References: 2

Cvelist
added 2022/01/21 6:17 p.m. | 16 views

CVE-2022-23128

Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Electric MC Works64 versions 4.00A 10.95.201.23 to 4.04E 10.95.210.01, ICONICS GENESIS64 versions 10.95.3 to 10.97, ICONICS Hyper Historian versions 10.95.3 to 10.97, ICONICS AnalytiX versions 10.95.3 to 10.97 and ICONICS MobileHMI...

9.8 AI score | 0.03768 EPSS
Exploits: 0 | References: 3