Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-1604

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00326EPSS
Exploits0References4
NVD
NVDadded 2025/04/16 10:15 a.m.10 views

CVE-2025-27936

Mattermost Plugin MSTeams versions 2.1.0 and Mattermost Server versions 10.5.x =10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack...

5.9CVSS0.00182EPSS
Exploits0References1
CVE
CVEadded 2025/01/09 6:55 a.m.216 views

CVE-2025-20033

Mattermost CVE-2025-20033 affects multiple releases (10.2.0; 9.11.x up to 9.11.5; 10.0.x up to 10.0.3; 10.1.x up to 10.1.3). The root cause is failure to properly validate post types, enabling a denial-of-service against users with the sysconsole_read_plugins permission by creating a post of type...

6.5CVSS4.7AI score0.00155EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/04/19 8:26 p.m.7 views

CVE-2022-1384 Authorized users are allowed to install old plugin versions from the Marketplace

Mattermost version 6.4.x and earlier fails to properly check the plugin version when a plugin is installed from the Marketplace, which allows an authenticated and an authorized user to install and exploit an old plugin version from the Marketplace which might have known vulnerabilities...

4.7CVSS6.6AI score0.00326EPSS
Exploits0References1
Rows per page
Query Builder