Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Snyk
Snykadded 2025/09/17 7:21 p.m.2 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication via the Manager web UI endpoints /api/v1/jobs and /preheats. An attacker can gain unauthorized access to create, delete, or modify jobs, and initiate preheat jobs by sending unauthenticated requests to these...

9.1CVSS6.8AI score0.00361EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/02/27 12:0 a.m.3 views

Geovision GV-ASWeb 代码注入漏洞

Geovision GV-ASWeb is a Web-based software from Geovision China for remote access and configuration of GV-ASManager's database. A code injection vulnerability exists in Geovision GV-ASWeb, which can be exploited by an attacker to execute arbitrary commands on the system...

8.8CVSS8.1AI score0.18026EPSS
Exploits3References6
Cvelist
Cvelistadded 2023/06/13 8:15 p.m.21 views

CVE-2023-2637 Rockwell Automation FactoryTalk System Services Vulnerable To Use Of Hard-Coded Cryptographic Key

Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Hard-coded cryptographic key may lead to privilege escalation. This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie...

7.3CVSS8.3AI score0.00203EPSS
Exploits0References1
CVE
CVEadded 2023/06/13 8:15 p.m.65 views

CVE-2023-2637

CVE-2023-2637 affects Rockwell Automation’s FactoryTalk System Services. The vulnerability arises from a hard-coded cryptographic key used to generate administrator cookies, which could allow a local, authenticated non-admin user to forge an invalid administrator cookie and gain administrative pr...

8.2CVSS7.6AI score0.00203EPSS
Exploits0References1Affected Software2
OSV
OSVadded 2021/04/30 12:15 p.m.2 views

DEBIAN-CVE-2021-20266

A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...

4.9CVSS6.6AI score0.01706EPSS
Exploits0References1
seebug.org
seebug.orgadded 2016/04/13 12:0 a.m.42 views

Samba Badlock 漏洞

概述 Samba 3.6.0-4.4.0版本在MS-SAMR及MS-LSAD协议未正确处理DCERPC连接,可使中间人攻击者修改客户端到服务器的数据流,执行协议降级攻击并冒充用户,对Security Account Manager Database读写操作,获取敏感信息等。 在首次被公开发布时称为"Badlock"。 受影响版本 cpe:/a:samba:samba:4.4.0 cpe:/a:samba:samba:4.4.1 cpe:/a:samba:samba:4.4.0:rc3 cpe:/a:samba:samba:4.4.0:rc2...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2009/12/20 12:0 a.m.42 views

HP OpenView Storage Data Protector rds.exe服务堆溢出漏洞

BUGTRAQ ID: 37386 CVECAN ID: CVE-2007-2281 HP OpenView Storage Data Protector是可扩展的数据管理解决方案,实现基于磁盘或磁带的高性能备份和恢复功能。 OpenView Storage Data Protector默认绑定在TCP 1530端口上的Cell Manager Database服务(rds.exe)中存在堆溢出漏洞。该服务通过ncp32.NtrpTCPReceiveMsg接收以下格式的套接字数据: 0xB6298C234-byte size....data...

10CVSS6.6AI score0.08823EPSS
Exploits1
NVD
NVDadded 2009/12/18 7:30 p.m.14 views

CVE-2007-2281

Integer overflow in the ncp32.NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter...

10CVSS7.5AI score0.08823EPSS
Exploits1References5
Rows per page
Query Builder