Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/09/24 7:34 p.m.4 views

CVE-2025-59433

Conventional Changelog generates changelogs and release notes from a project's commit messages and metadata. Prior to version 2.0.0, @conventional-changelog/git-client has an argument injection vulnerability. This vulnerability manifests with the library's getTags API, which allows extra paramete...

5.3CVSS7.2AI score0.00031EPSS
Exploits0References1
OSV
OSVadded 2025/09/22 6:1 p.m.2 views

GHSA-VH25-5764-9WCR @conventional-changelog/git-client has Argument Injection vulnerability

Background on exploitation This vulnerability manifests with the library's getTags API, which allows specifying extra parameters passed to the git log command. In another API by this library - getRawCommits there are secure practices taken to ensure that the extra parameter path is unable to inje...

5.3CVSS7.5AI score0.00031EPSS
Exploits0References4
OSV
OSVadded 2023/03/15 7:15 p.m.1 views

CVE-2023-25282

A heap overflow vulnerability in D-Link DIR820LA1FW106B02 allows attackers to cause a denial of service via the config.logtosyslog and logoptdropPackets parameters to mydlinkapi.ccp...

6.5CVSS6.6AI score0.00826EPSS
Exploits1References2
OSV
OSVadded 2019/11/02 4:54 p.m.6 views

MGASA-2019-0309 Updated ansible packages fix security vulnerabilities

Updated ansible package fixes security vulnerabilities: ansible-playbook -k and ansible cli tools prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them CVE-2019-10206. Ansible was...

7.8CVSS6.1AI score0.00319EPSS
Exploits0References3
OSV
OSVadded 2019/10/14 3:15 p.m.1 views

UBUNTU-CVE-2019-14858

A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...

7.3CVSS6.6AI score0.00078EPSS
Exploits0References3
OSV
OSVadded 2019/09/27 6:15 p.m.0 views

UBUNTU-CVE-2019-11751

Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. Note: this issue...

8.8CVSS7.4AI score0.00501EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2019/09/03 12:0 a.m.4 views

PT-2019-13857

Name of the Vulnerable Software and Affected Versions Ansible engine versions 2.x up to 2.8 Ansible tower versions 3.x up to 3.5 Description A vulnerability was found in Ansible engine and Ansible tower. When a module has an argument spec with sub parameters marked as no log, passing an invalid...

7.3CVSS7AI score0.00078EPSS
Exploits0References169
exploitpack
exploitpackadded 2004/08/21 12:0 a.m.14 views

AWStats 5.0 6.3 - logfile File Inclusion Command Execution

AWStats 5.0 6.3 - logfile File Inclusion Command Execution Example: http://target/awstats.pl?filterrawlog=&rawlogmaxlines=5000&config=stats.jdims.info&framename=main&pluginmode=rawlog&log file=/etc/passwd...

0.9AI score
Exploits0
Rows per page
Query Builder