Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

58530 matches found

CNNVD
CNNVDadded 6 days ago5 views

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. These vulnerabilities stem from the misleading or insufficient UI provided by the getCallingAppLabel function in CertInstaller.java, which may lead to t...

7.8CVSS5.8AI score0.00005EPSS
Exploits0References1
CNNVD
CNNVDadded 6 days ago5 views

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. These vulnerabilities stem from the misleading or insufficient UI provided by the getApplicationLabel function in KeyChainActivity.java, which may lead...

7.8CVSS5.8AI score0.00003EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 6 days ago9 views

PT-2026-45511

Name of the Vulnerable Software and Affected Versions OpenAirInterface5G version 2.4.0 Description An issue exists in the E2SM-KPM RAN Function's PRB utilization metric calculation within the nr-softmodem component. The functions fill RRU PrbTotDl and fill RRU PrbTotUl compute PRB usage percentag...

8.6CVSS5.5AI score0.00065EPSS
Exploits0References4
OSV
OSVadded 6 days ago3 views

ASB-A-473005624

In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00005EPSS
Exploits0References2
CNNVD
CNNVDadded 6 days ago5 views

openairinterface5G security vulnerability

openairinterface5G is an open-source implementation of the OAI project, focusing on the research, development, and testing of 5G NR New Radio core networks and access networks. Version 2.4.0 of openairinterface5G contains a security vulnerability. This vulnerability stems from the E2SM-KPM RAN...

8.6CVSS5.8AI score0.00065EPSS
Exploits0References2
Packet Storm
Packet Stormadded 6 days ago30 views

📄 Apache ActiveMQ Jolokia Remote Code Execution

This is a proof of concept security research tool that evaluates a potential authenticated remote code execution pathway through the Jolokia management interface exposed by Apache ActiveMQ. The tool authenticates to the broker, discovers configuration details, interacts with JMX operations expose...

8.8CVSS7.2AI score0.83461EPSS
Exploits12
Vulnrichment
Vulnrichmentadded last week6 views

CVE-2026-10204 OFCMS JSON Query SysUserController.java query sql injection

A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...

6.5CVSS5.7AI score0.00031EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded last week8 views

CVE-2026-10204

A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...

6.5CVSS6.4AI score0.00031EPSS
Exploits0References5
Cvelist
Cvelistadded last week36 views

CVE-2026-10204 OFCMS JSON Query SysUserController.java query sql injection

A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...

6.5CVSS0.00031EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded last week6 views

CVE-2026-10203 OFCMS JSON Query SystemParamController.java query sql injection

A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the component JSON Query Interface. The manipulation results in sql injection. The attack can be launched...

6.5CVSS6.4AI score0.00031EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded last week8 views

CVE-2026-10203

A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the component JSON Query Interface. The manipulation results in sql injection. The attack can be launched...

6.5CVSS6.4AI score0.00031EPSS
Exploits0References5
CVE
CVEadded last week9 views

CVE-2026-10203

The report identifies CVE-2026-10203 affecting OFCMS 1.1.3. The vulnerability lies in the JSON Query Interface: the Query function in OFCMS-admin/src/main/java/com/ofsoft/cms/admin/controller/system/SystemParamController.java, which enables SQL injection. This can be triggered remotely, with publ...

6.5CVSS6.4AI score0.00031EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded last week7 views

CVE-2026-10202

A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation leads to sql injection. The attack can be initiated...

6.5CVSS6.4AI score0.00031EPSS
Exploits0References5
Cvelist
Cvelistadded last week28 views

CVE-2026-10202 OFCMS JSON Query SystemDictController.java query sql injection

A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation leads to sql injection. The attack can be initiated...

6.5CVSS0.00031EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded last week5 views

CVE-2026-48210 Possible information disclosure via External Interface

An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the “Is visible for customer” flag by default and prevent users from disabling it via the UI. This leads to unintended exposure of internal ticket information to the External Frontend This issue...

5.7CVSS5.8AI score0.00011EPSS
Exploits0References1
GithubExploit
GithubExploitadded last week61 views

Exploit for CVE-2022-42005

Tesla Security Research Vulnerability research on the Tesla M...

6.2AI score
Exploits1
NVD
NVDadded last week9 views

CVE-2026-10190

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

7.1CVSS0.00097EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded last week6 views

CVE-2026-10190 Tenda W12 Web Management httpd cgiSysWebTimeoutSet denial of service

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

7.1CVSS5.6AI score0.00097EPSS
Exploits0References6
CVE
CVEadded last week11 views

CVE-2026-10190

CVE-2026-10190 affects Tenda W12 3.0.0.7(4763). The Web Management Interface contains a vulnerable function: cgiSysWebTimeoutSet in /bin/httpd. Manipulating the argument web_over_time triggers a denial of service. The vulnerability is exploitable remotely, and public exploit code exists. The prov...

7.1CVSS6.3AI score0.00097EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded last week10 views

CVE-2026-10190

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

7.1CVSS6.3AI score0.00097EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder