
8 matches found

Positive Technologies
added 2025/11/06 12:0 a.m., 2 views

PT-2025-45392

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise (affected versions not specified). Description: A lack of proper input validation in the dashboard label or path can enable an attacker to cause a device error, potentially leading to information disclosure or data manipulation...

6.4 CVSS, 6.2 AI score, 0.00041 EPSS
Exploits: 0, References: 8
OSV
added 2025/07/03 9:15 a.m., 1 views

DEBIAN-CVE-2025-38147

In the Linux kernel, the following vulnerability has been resolved: calipso: Don't call calipso functions for AF_INET sk. syzkaller reported a null-ptr-deref in txopt_get(). [0] The offset 0x70 was of struct ipv6_txoptions in struct ipv6_pinfo, so struct ipv6_pinfo was NULL there. However, this never...

5.5 CVSS, 5.5 AI score, 0.00105 EPSS
Exploits: 0, References: 1
Github Security Blog
added 2024/03/29 7:5 p.m., 26 views

Un-sanitized metric name or labels can be used to take over exported metrics

Impact: In code which applies un-sanitized string values into metric names or labels, like this (Swift): let lang = try? request.query.get(String.self, at: "lang"); Counter(label: "language", dimensions: [("lang", lang ?? "unknown")]) an attacker could make use of this and send a ?lang query parameter...

7.4 CVSS, 6.9 AI score, 0.00499 EPSS
Exploits: 1, References: 4, Affected Software: 1
OSV
added 2024/02/26 7:40 p.m., 20 views

CVE-2024-27092 Content spoofing - real Hoppscotch emails

Hoppscotch is an API development ecosystem. Due to lack of validation for fields like Label Edit Team - TeamName, bad actors can send emails with Spoofed Content as Hoppscotch. Part of payload external link is presented in clickable form - easier to achieve own goals by malicious actors. This iss...

5.4 CVSS, 5.5 AI score, 0.00238 EPSS
Exploits: 1, References: 5
CNNVD
added 2023/09/22 12:0 a.m., 1 views

aes-gcm Data Forgery Issue Vulnerability

aes-gcm is a cryptographic algorithm in the aes-gcm open source. Vulnerabilities in aes-gcm versions prior to 0.10.0 to 0.10.3 suffer from a data forgery problem, which stems from the fact that in AES GCM decryption implementations, plaintext is made public in the form of decrypt_in_place_detached...

5.5 CVSS, 6.7 AI score, 0.00016 EPSS
Exploits: 1, References: 7
CVE
added 2023/07/24 3:19 p.m., 87 views

CVE-2023-3384

Technical details about CVE-2023-3384 (affected product/version, root cause, impact, fix) are not provided in the connected documents; monitor for updates.

5.4 CVSS, 5.2 AI score, 0.0046 EPSS
Exploits: 0, References: 2, Affected Software: 1
RedhatCVE
added 2023/06/23 10:17 a.m., 31 views

CVE-2023-3384

A flaw was found in the Quay registry. While the image labels created through Quay undergo validation both in the UI and backend by applying a regex (validation.py), the same validation is not performed when the label comes from an image. This flaw allows an attacker to publish a malicious image to...

5.4 CVSS, 6.4 AI score, 0.0046 EPSS
Exploits: 0, References: 3
RedHat Linux
added 2020/06/17 7:38 p.m., 2 views

jenkins: XSS in job configuration pages

Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored XSS vulnerability exploitable by users able to define node labels...

5.4 CVSS, 6.1 AI score, 0.0017 EPSS
Exploits: 0, References: 5