
28 matches found

ATTACKERKB
added 2026/05/12 10:39 p.m., 5 views

CVE-2026-44341

GoJobs is a REST API for a Job Board platform. The application exposes a job retrieval endpoint that allows unauthenticated users to access job details by directly manipulating object identifiers. The endpoint lacks proper authentication and authorization checks, resulting in unauthorized access ...

CVSS 5.3, AI score 5.8, EPSS 0.00055
Exploits: 0, References: 2
NVD
added 2026/04/16 9:16 p.m., 2 views

CVE-2026-40901

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the application, deserializ...

CVSS 9, EPSS 0.00142
Exploits: 1, References: 2
Cvelist
added 2026/04/16 8:57 p.m., 13 views

CVE-2026-40901 DataEase: Quartz Deserialization → Remote Code Execution

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the application, deserializ...

CVSS 9, EPSS 0.00142
Exploits: 1, References: 2
Vulnrichment
added 2026/04/16 8:57 p.m., 0 views

CVE-2026-40901 DataEase: Quartz Deserialization → Remote Code Execution

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the application, deserializ...

CVSS 9, AI score 6.3, EPSS 0.00142
Exploits: 1, References: 2
ATTACKERKB
added 2026/04/16 8:57 p.m., 2 views

CVE-2026-40901

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the application, deserializ...

CVSS 9, AI score 6.3, EPSS 0.00142
Exploits: 1, References: 3, Affected Software: 1
EUVD
added 2026/04/07 8:22 p.m., 2 views

EUVD-2026-19923

Cronicle is a multi-server task scheduler and runner, with a web based front-end UI. Prior to 0.9.111, a non-admin user with createevents and runevents privileges can inject arbitrary JavaScript through job output fields html.content, html.title, table.header, table.rows, table.caption. The serve...

CVSS 5.3, AI score 6, EPSS 0.00035
Exploits: 1, References: 1
RedhatCVE
added 2026/01/07 9:54 a.m., 17 views

CVE-2025-1110

An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query...

CVSS 4.3, AI score 6.4, EPSS 0.0003
Exploits: 0, References: 1
RedHat Linux
added 2025/10/28 9:16 p.m., 4 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Container Release Update

An update is now available for Red Hat Ansible Automation Platform 2.6. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...

CVSS 8.7, AI score 6.8, EPSS 0.00257
Exploits: 1, References: 6
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-32106

Malicious code in bioql PyPI...

CVSS 2.3, AI score 6.6, EPSS 0.00037
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2025-16116

Malicious code in bioql PyPI...

CVSS 4.3, AI score 6.3, EPSS 0.0003
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2025-16115

Malicious code in bioql PyPI...

CVSS 4.3, AI score 6.3, EPSS 0.0003
Exploits: 0, References: 3
OSV
added 2025/10/02 1:15 p.m., 0 views

CVE-2025-11239

Potentially sensitive information in jobs on KNIME Business Hub prior to 1.16.0 was visible to all members of the user's team. Starting with KNIME Business Hub 1.16.0 only metadata of jobs is shown to team members. Only the creator of a job can see all information including in- and output data i...

CVSS 4.3, AI score 5.8
Exploits: 0, References: 1
Tenable Nessus
added 2025/08/30 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-1110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could...

CVSS 4.3, AI score 5.4, EPSS 0.0003
Exploits: 0, References: 2
OSV
added 2025/07/25 4:15 p.m., 0 views

CVE-2025-3508

Certain HP DesignJet products may be vulnerable to information disclosure through printer's web interface allowing unauthenticated users to view sensitive print job information...

CVSS 6.5, AI score 5.8
Exploits: 0, References: 1
OSV
added 2025/05/26 7:43 a.m., 7 views

BIT-GITLAB-2025-1110 Insufficient Granularity of Access Control in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query...

CVSS 4.3, AI score 6.7, EPSS 0.0003
Exploits: 0, References: 3
NVD
added 2025/05/22 2:16 p.m., 10 views

CVE-2025-1110

An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query...

CVSS 4.3, EPSS 0.0003
Exploits: 0, References: 2
OSV
added 2025/05/22 2:16 p.m., 1 view

UBUNTU-CVE-2025-1110

An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query...

CVSS 4.3, AI score 5.7, EPSS 0.0003
Exploits: 0, References: 2
Cvelist
added 2025/05/22 2:2 p.m., 12 views

CVE-2025-1110 Insufficient Granularity of Access Control in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query...

CVSS 2.7, EPSS 0.0003
Exploits: 0, References: 2
CVE
added 2025/05/22 2:2 p.m., 74 views

CVE-2025-1110

GitLab CE/EE vulnerability CVE-2025-1110 affects all versions 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query due to insufficient access control granularity. The issue is documented across multiple sources (NVD, OSV) ...

CVSS 4.3, AI score 3.4, EPSS 0.0003
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2025/05/22 2:2 p.m., 7 views

CVE-2025-1110 Insufficient Granularity of Access Control in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query...

CVSS 2.7, AI score 6.3, EPSS 0.0003
Exploits: 0, References: 5