Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2026/03/30 8:31 p.m.5 views

CVE-2026-28228

OpenOLAT SAS/Velocity SSTI vulnerability (CVE-2026-28228) allows an authenticated author to inject Velocity directives into a reminder email; when processed, directives are evaluated server-side via Velocity #set chained with Java reflection, enabling arbitrary Java class execution (e.g., Process...

8.8CVSS5.9AI score0.00022EPSS
Exploits0References1Affected Software1
CNVD
CNVDadded 2018/03/07 12:0 a.m.1 views

Antsle antman authentication bypass vulnerability

Antsle antman is a private cloud server product from Antsle USA. A security vulnerability exists in Antsle antman prior to version 0.9.1a, which stems from the login process using Java's ProcessBuilder class and a bash script that fails to adequately filter input when calling antsle-auth. A remot...

9.8CVSS7.3AI score0.089EPSS
Exploits3References1
Exploit DB
Exploit DBadded 2018/03/02 12:0 a.m.21 views

antMan < 0.9.1a - Authentication Bypass

Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POST parameters as follows:...

7.4AI score
Exploits0
Rows per page
Query Builder