Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 6 hours ago6 views

EUVD-2026-35877

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST API that allows authenticated attackers to access arbitrary private message threads by supplying a userid parameter in the request. Attackers can pass another user's identifier to the...

8.6CVSS5.6AI score
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/03/19 12:0 a.m.1 views

PT-2026-26427

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.3.0-latest.1 Discourse versions prior to 2026.2.1 Discourse versions prior to 2026.1.2 Description Discourse, an open-source discussion platform, has authorization issues within its chat direct message API...

5.4CVSS5.9AI score0.00051EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2024/11/14 12:0 a.m.8 views

Fedora 41 : webkitgtk (2024-b142cc07d0)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b142cc07d0 advisory. Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent fi...

6.5CVSS7.5AI score0.00595EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2024/10/08 12:0 a.m.18 views

Fedora 39 : webkitgtk (2024-e1357fc22f)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e1357fc22f advisory. Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent fi...

6.5CVSS7.5AI score0.00595EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/01/25 12:0 a.m.4 views

kafka-ui OS Command Injection Vulnerability

kafka-ui is an open source Web UI for Apache Kafka. A security vulnerability in kafka-ui versions 0.4.0 through 0.7.1 exists that originates from a vulnerability that could allow a remote attacker to execute arbitrary code via parameter q in /api/clusters/local/topics/messages...

8.8CVSS7.7AI score0.94014EPSS
Exploits5References3
Tenable Nessus
Tenable Nessusadded 2020/03/25 12:0 a.m.39 views

Fedora 31 : webkit2gtk3 (2020-f25793aac4)

Update to WebKitGTK 2.28.0. - Add API to enable Process Swap on Cross-site Navigation. - Add user messages API for the communication with the web extension. - Add support for same-site cookies. - Service workers are enabled by default. - Add support for Pointer Lock API. - Add flatpak sandbox...

9.8CVSS6.7AI score0.04647EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2020/03/20 12:0 a.m.35 views

Fedora 30 : webkit2gtk3 (2020-f3fa778924)

Update to WebKitGTK 2.28.0. - Add API to enable Process Swap on Cross-site Navigation. - Add user messages API for the communication with the web extension. - Add support for same-site cookies. - Service workers are enabled by default. - Add support for Pointer Lock API. - Add flatpak sandbox...

9.8CVSS6.7AI score0.04647EPSS
Exploits0References2
Rows per page
Query Builder