Lucene search
8 matches found

CNNVD
added 2026/05/12 12:0 a.m., 4 views

Apache Tomcat security vulnerability

Apache Tomcat is a lightweight web application server developed by the Apache Foundation in the United States. It supports Servlet and JavaServer Pages (JSP) technologies. Security vulnerabilities exist in versions of Apache Tomcat ranging from 11.0.0-M1 to 11.0.21, from 10.1.0-M1 to 10.1.54, from...

3.7 CVSS, 5.8 AI score, 0.001 EPSS
Exploits: 0, References: 2

CNNVD
added 2026/04/28 12:0 a.m., 5 views

OpenClaw security vulnerability

OpenClaw is an open-source artificial intelligence assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.2 contained security vulnerabilities. These vulnerabilities were caused by timing side-channel issues at the shared key comparison call site, which could allow attackers to...

6.3 CVSS, 5.8 AI score, 0.00041 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2025/11/05 9:27 a.m., 2 views

CVE-2025-12192 The Events Calendar <= 6.15.9 - Sysinfo Key Incorrect Comparison to Unauthenticated Sensitive Information Exposure

The Events Calendar plugin for WordPress is vulnerable to information disclosure in versions up to, and including, 6.15.9. The sysinfo REST endpoint compares the provided key to the stored opt-in key using a loose comparison, allowing unauthenticated attackers to send a boolean value and obtain t...

5.3 CVSS, 5.4 AI score, 0.00073 EPSS
Exploits: 0, References: 2

CVE
added 2025/11/05 9:27 a.m., 12 views

CVE-2025-12192

CVE-2025-12192 affects The Events Calendar WordPress plugin up to version 6.15.9. The issue stems from the sysinfo REST endpoint performing a loose comparison between the provided key and the stored opt-in key, allowing unauthenticated attackers to trigger the endpoint and retrieve the full syste...

5.3 CVSS, 5.4 AI score, 0.00073 EPSS
Exploits: 0, References: 2

Cvelist
added 2025/11/05 9:27 a.m., 3 views

CVE-2025-12192 The Events Calendar <= 6.15.9 - Sysinfo Key Incorrect Comparison to Unauthenticated Sensitive Information Exposure

The Events Calendar plugin for WordPress is vulnerable to information disclosure in versions up to, and including, 6.15.9. The sysinfo REST endpoint compares the provided key to the stored opt-in key using a loose comparison, allowing unauthenticated attackers to send a boolean value and obtain t...

5.3 CVSS, 0.00073 EPSS
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-0109

Malware in sbrugna...

9.8 CVSS, 9.3 AI score, 0.00389 EPSS
Exploits: 0, References: 8

Hacker One
added 2023/03/09 6:9 p.m., 166 views

curl: CVE-2023-27538: SSH connection too eager reuse still

A vulnerability, CVE-2023-27538, existed in the SSH connection reuse feature of the cURL library. The vulnerability allowed for connection reuse even when different SSH keys were used, due to a broken check for SSH key matching. The vulnerability could potentially lead to unauthorized access to sensiti...

5.5 CVSS, 7 AI score, 0.00012 EPSS
Exploits: 1

Veracode
added 2020/03/02 7:37 a.m., 7 views

Timing Attack

antonioribeiro/google2fa is vulnerable to timing attacks. This vulnerability is possible because of the insecure use of == for the user-specified key comparison in the verifyKey function in Google2FA.php, which may lead to an information disclosure...

3 AI score
Exploits: 0