Lucene search

8 matches found

Vulnrichment
added 2026/05/27 3:36 p.m. | 3 views

CVE-2026-44330 free5GC: NEF nnef-pfdmanagement API is unauthenticated; forged bearer tokens can read PFD data and create/delete PFD subscriptions

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-pfdmanagement route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can use a forged or arbitrary bearer token e.g. Authorization...

CVSS 10 | AI score 5.9 | EPSS 0.00048
Exploits 1 | References 1
The Hacker News
added 2026/02/11 11:30 a.m. | 5 views

Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments

Intentionally vulnerable training applications are widely used for security education, internal testing, and product demonstrations. Tools such as OWASP Juice Shop, DVWA, Hackazon, and bWAPP are designed to be insecure by default, making them useful for learning how common attack techniques work ...

AI score 5.9
Exploits 0
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-27038

Malware in sbrugna...

CVSS 9.1 | AI score 9 | EPSS 0.00616
Exploits 0 | References 2
OSV
added 2025/04/30 12:24 a.m. | 5 views

CVE-2025-30202 Data exposure via ZeroMQ on multi-node vLLM deployment

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.5.2 and prior to 0.8.5 are vulnerable to denial of service and data exposure via ZeroMQ on multi-node vLLM deployment. In a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-no...

CVSS 7.5 | AI score 7.4 | EPSS 0.00447
Exploits 1 | References 5
CNNVD
added 2021/05/04 12:0 a.m. | 1 views

IBM QRadar SIEM Command Injection Vulnerability

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...

CVSS 9.8 | AI score 6 | EPSS 0.00575
Exploits 0 | References 6
OSV
added 2021/04/01 3:15 p.m. | 24 views

CVE-2021-28163

In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that...

CVSS 2.7 | AI score 6.4
Exploits 0 | References 26
CERT
added 2012/05/29 12:0 a.m. | 31 views

AutoFORM PDM Archive contains multiple vulnerabilities

Overview: AutoFORM PDM Archive contains multiple vulnerabilities which could allow an attacker to execute arbitrary code with the privileges of the application. Description: According to AutoFORM's website AutoFORM PDM Archive is a comprehensive output management solution that encompasses document...

CVSS 6.5 | AI score 8.1 | EPSS 0.0165
Exploits 0 | References 4
Apache Tomcat
added 2010/04/20 12:0 a.m. | 53 views

Fixed in Apache Tomcat 5.5.29

Low: Arbitrary file deletion and/or alteration on deploy (CVE-2009-2693). When deploying WAR files, the WAR files were not checked for directory traversal attempts. This allows an attacker to create arbitrary content outside of the web root by including entries such as ../../bin/catalina.sh in the...

CVSS 7.5 | AI score 5.9 | EPSS 0.86896
Exploits 10 | Affected Software 1