8 matches found
Malicious code in getd-transactional-web (npm)
Source: amazon-inspector fe5e89f2411faf9265508a84772d5667bb3095cf28937bb9e9ab80a215ff4208 On npm install, postinstall.js issues an HTTPS GET to https://webhook.site/18dc4281-d366-438a-9186-76fbcd56ade5 carrying os.hostname,...
Malicious code in checkout-signer (npm)
Source: amazon-inspector f6add4dfcaaf79ce107ac8026032b47540def183a121be2266891644c90f10c8 Package replicates the API surface of an internal Exodus package generateMnemonicSigningKeys, signDirectPaymentMultiChain, signCapture, signRefund,...
EUVD-2025-206791
Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this directory without proper ownership verification, creating two exploitation scenarios: Scenario 1...
CVE-2026-23746 Entrust Instant Financial Issuance (IFI) SmartCardController Service .NET Remoting RCE
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...
PT-2026-3100
Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...
Trend Micro Deep Discovery Inspector SQL Injection Vulnerability
Trend Micro Deep Discovery Inspector is a physical or virtual network appliance from Trend Micro that provides 360-degree network monitoring. A security vulnerability exists in Trend Micro Deep Discovery Inspector version 5.8 and earlier, which originated from a vulnerability that allows an attacker to...
CVE-2024-27244
Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for Windows may allow an authenticated user to conduct an escalation of privilege via local access...
eStore 1.0.1/1.0.2 - 'Settings.inc.php' Full Path Disclosure
source: https://www.securityfocus.com/bid/8220/info eStore is prone to a path disclosure vulnerability. It has been reported that a remote attacker may make a direct HTTP request for an eStore include script and in doing so trigger an error. The resulting error message will disclose potentially...