Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2931 matches found

CVE
CVEadded 2024/06/25 8:10 p.m.53 views

CVE-2024-5012

Progress WhatsUp Gold

8.6CVSS8.6AI score0.00445EPSS
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2024/06/21 12:0 a.m.3 views

WordPress plugin EmbedPress security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.8CVSS6.8AI score0.00323EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/06/19 12:0 a.m.3 views

WordPress plugin Elementor Pro security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.5CVSS6.8AI score0.00314EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/06/18 5:44 a.m.37 views

CVE-2024-33622

Missing authentication for critical function vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, sensitive information may be obtained and/or the information stored in the database may be altered by a remote authenticated attacker...

0.00438EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2024/06/18 4:43 a.m.1 views

Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR

Overview ID Link Manager and FUJITSU Software TIME CREATOR provided by Fsas Technologies Inc. contain multiple vulnerabilities listed below. Path Traversal CWE-36 CVE-2024-33620 Missing Authentication CWE-306 CVE-2024-33622 Information disclosure CWE-204 CVE-2024-34024 Christian Demko of WithSecu...

8.6CVSS6.8AI score0.00678EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2024/06/18 12:0 a.m.32 views

JVN#65171386: Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR

ID Link Manager and FUJITSU Software TIME CREATOR provided by Fsas Technologies Inc. contain multiple vulnerabilities listed below. Path Traversal CWE-36 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Base Score 8.6 CVE-2024-33620 Missing Authentication CWE-306...

8.6CVSS8.7AI score0.00678EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2024/06/17 6:21 a.m.12 views

Multiple vulnerabilities in Toshiba Tec and Oki Electric Industry MFPs

Overview MFPs multifunction printers provided by Toshiba Tec Corporation and Oki Electric Industry Co., Ltd. contain multiple vulnerabilities listed below. Improper Restriction of Recursive Entity References in DTDs 'XML Entity Expansion' CWE-776 - CVE-2024-27141, CVE-2024-27142 Execution with...

9.8CVSS7.5AI score0.26811EPSS
Exploits2References65
Cvelist
Cvelistadded 2024/06/13 7:40 p.m.56 views

CVE-2024-5947 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability

Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

6.5CVSS0.02418EPSS
Exploits3References1
Cvelist
Cvelistadded 2024/06/13 7:40 p.m.19 views

CVE-2024-5951 Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...

7.1CVSS0.00778EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/06/12 12:0 a.m.4 views

PT-2024-5656 · Palo Alto Networks · Palo Alto Networks Expedition

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Expedition versions prior to 1.2.92 Description: The vulnerability is related to a missing authentication mechanism for a critical function in Palo Alto Networks Expedition, allowing an attacker with network access to take...

9.8CVSS9.6AI score0.91684EPSS
Exploits9References129
CNNVD
CNNVDadded 2024/06/11 12:0 a.m.3 views

WordPress plugin Fastly security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.8AI score0.00364EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/06/11 12:0 a.m.2 views

WordPress plugin weDocs security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.3CVSS6.8AI score0.00373EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/06/11 12:0 a.m.2 views

WordPress plugin WP Discourse security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS6.8AI score0.00372EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/06/11 12:0 a.m.3 views

WordPress plugin Preloader for Website security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

5.3CVSS6.8AI score0.00511EPSS
Exploits0References3
NVD
NVDadded 2024/06/10 4:15 p.m.16 views

CVE-2024-34800

Missing Authorization vulnerability in Crafthemes Crafthemes Demo Import crafthemes-demo-import allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crafthemes Demo Import: from n/a through = 3.3...

7.6CVSS0.00333EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/06/10 3:41 p.m.15 views

CVE-2024-34800 WordPress Crafthemes Demo Import plugin <= 3.3 - Arbitrary Plugin Installation vulnerability

Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import allows Functionality Misuse.This issue affects Crafthemes Demo Import: from n/a through 3.3...

7.6CVSS7.2AI score0.00333EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/06/10 3:41 p.m.29 views

CVE-2024-34800 WordPress Crafthemes Demo Import plugin <= 3.3 - Arbitrary plugin Installation vulnerability

Missing Authorization vulnerability in Crafthemes Crafthemes Demo Import crafthemes-demo-import allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crafthemes Demo Import: from n/a through = 3.3...

7.6CVSS0.00333EPSS
Exploits0References1
CVE
CVEadded 2024/06/10 3:41 p.m.46 views

CVE-2024-34800

CVE-2024-34800 affects the WordPress plugin Crafthemes Demo Import (

7.6CVSS5.9AI score0.00333EPSS
Exploits0References2
ICS
ICSadded 2024/06/06 6:0 a.m.34 views

Emerson Ovation

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Emerson Equipment : Ovation Vulnerabilities : Missing Authentication for Critical Function, Insufficient Verification of Data Authenticity CISA is aware of a public report, known as...

7.8AI score
Exploits0References10
ATTACKERKB
ATTACKERKBadded 2024/06/05 12:15 p.m.2 views

CVE-2024-1662

Missing Authentication for Critical Function, Missing Authorization vulnerability in PORTY Smart Tech Technology Joint Stock Company PowerBank Application allows Retrieve Embedded Sensitive Data. This issue affects PowerBank Application: before 2.02...

7.5CVSS5.4AI score0.00407EPSS
Exploits0References3
Rows per page
Query Builder