
8 matches found

Positive Technologies
added 2024/10/14 12:0 a.m. · 3 views

PT-2024-7164 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.3.1; Splunk Enterprise versions prior to 9.2.3; Splunk Enterprise versions prior to 9.1.6.

Description: The software potentially exposes sensitive HTTP parameters to the internal index if the REST Calls log...

CVSS 6.8 · AI score 7.4 · EPSS 0.00102
Exploits: 0 · References: 9
Positive Technologies
added 2023/12/25 12:0 a.m. · 4 views

PT-2023-30874 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions prior to 8.5.14; Concrete CMS versions 9 prior to 9.2.3.

Description: The issue allows Cross-Site Request Forgery (CSRF) via the "ccm/calendar/dialogs/event/delete/submit" API endpoint. An attacker can force an admin to dele...

CVSS 4.3 · AI score 6.9 · EPSS 0.00839
Exploits: 0 · References: 10
Microsoft CVE
added 2023/11/06 8:0 a.m. · 2 views

NATS nats-server before 2.9.23 and 2.10.x before 2.10.2 has an authentication bypass. An implicit $G user in an authorization block can sometimes be used for unauthenticated access even when the intention of the configuration was for each user to have an account. The earliest affected version is 2.2.0.

...

CVSS 6.5 · AI score 6.7 · EPSS 0.00225
Exploits: 0
OSV
added 2023/10/17 7:15 a.m. · 1 views

DEBIAN-CVE-2023-39456

Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 9.2.3, which fixes the issue...

CVSS 7.5 · AI score 7.2 · EPSS 0.07819
Exploits: 0 · References: 1
NCSC
added 2023/07/27 12:0 a.m. · 2 views

Vulnerability fixed in Atlassian Bamboo

Atlassian has fixed a vulnerability in Bamboo Server and Bamboo Data Center. An authenticated malicious person can exploit the vulnerability to use command injection to execute arbitrary code with application privileges and thus potentially gain access to sensitive...

CVSS 8.8 · AI score 7.4 · EPSS 0.03767
Exploits: 0
Circl
added 2023/02/24 6:19 p.m. · 2 views

CVE-2022-43923

| creationtimestamp | type | source |
|---|---|---|
| 2023-02-24 18:19:27+00:00 | seen | https://t.me/cibsecurity/58880... |

CVSS 6.2 · AI score 5.5 · EPSS 0.00049
Exploits: 0 · References: 1
Grafana
added 2022/11/08 12:0 a.m. · 4 views

Race condition allowing privilege escalation

Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. This issue is patche...

CVSS 9.8 · AI score 7.2 · EPSS 0.04279
Exploits: 0
Circl
added 2009/06/30 12:0 a.m. · 2 views

CVE-2009-2307

| creationtimestamp | type | source |
|---|---|---|
| 2009-06-30 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/9056... |

CVSS 7.5 · AI score 5.8 · EPSS 0.00233
Exploits: 0 · References: 1