8 matches found

OSV
added 2025/12/18 3:27 p.m., 3 views

CVE-2025-68278 tinacms vulnerable to arbitrary code execution

Tina is a headless content management system. In tinacms prior to version 3.1.1, tinacms uses the gray-matter package in an insecure way allowing attackers that can control the content of the processed markdown files, e.g., blog posts, to execute arbitrary code. tinacms version 3.1.1, @tinacms/cl...

CVSS 8.6, AI score 7.3, EPSS 0.00069
Exploits: 1, References: 4

Cvelist
added 2025/11/25 5:38 a.m., 5 views

CVE-2025-12742 Remote Code Execution in Looker via Teradata JDBC Driver

A Looker user with a Developer role could cause Looker to execute a malicious command, due to insecure processing of Teradata driver parameters. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for Looker-hosted instances. No user action is required...

CVSS 7.5, EPSS 0.00038
Exploits: 0, References: 1

Positive Technologies
added 2023/12/03 12:00 a.m., 2 views

PT-2023-8404 · Htmlunit · Htmlunit

Name of the Vulnerable Software and Affected Versions: HtmlUnit versions prior to 3.9.0. Description: HtmlUnit is a GUI-less browser for Java programs that is vulnerable to Remote Code Execution (RCE) via XSLT when browsing an attacker's webpage. The reason for the vulnerability is that the FEATURE...

CVSS 10, AI score 9.3, EPSS 0.05143
Exploits: 1, References: 19

CVE
added 2022/05/11 5:15 p.m., 96 views

CVE-2022-27791

Adobe Acrobat Reader DC CVE-2022-27791 is a stack-based buffer overflow in font processing that can lead to arbitrary code execution under the current user. Affected versions include 22.001.20085 and earlier; 20.005.3031x and earlier; 17.012.30205 and earlier. Exploitation requires user interacti...

CVSS 9.3, AI score 7.7, EPSS 0.05836
Exploits: 0, References: 1, Affected Software: 2

Tenable Nessus
added 2022/04/12 12:00 a.m., 136 views

Adobe Acrobat < 17.012.30227 / 20.005.30331 / 22.001.20112 Multiple Vulnerabilities (APSB22-16)

The version of Adobe Acrobat installed on the remote Windows host is a version prior to 17.012.30227, 20.005.30331, or 22.001.20112. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat Reader version 22.001.20085 and earlier, 20.005.30314 and earlier and 17.012.30205 and earli...

CVSS 9.3, AI score 7.3, EPSS 0.11543
Exploits: 0, References: 75

CVE
added 2021/07/09 1:25 p.m., 63 views

CVE-2021-30201

CVE-2021-30201 affects Kaseya VSA (on‑premises/server side) where the API /vsaWS/KaseyaWS.asmx processes XML with external entities. The vulnerability arises from insecure handling of XML external entities, allowing an attacker to cause the server to read local files (e.g., c:\kaseya\kserver\kser...

CVSS 7.5, AI score 7.5, EPSS 0.00329
Exploits: 1, References: 4, Affected Software: 1

Veracode
added 2021/06/18 7:36 a.m., 14 views

Denial Of Service

opencast-kernel is vulnerable to denial of service. The vulnerability exists due to insecure processing of a single HTTP request to parse XML through the system, causing it to expand a crafted string 100,000 times, causing the system to hang...

CVSS 8.1, AI score 1.9, EPSS 0.00308
Exploits: 1, References: 3, Affected Software: 1

NVD
added 2020/04/14 7:15 p.m., 11 views

CVE-2020-6238

SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...

CVSS 9.3, AI score 9.2, EPSS 0.00408
Exploits: 0, References: 2