Lucene search
K

183 matches found

Circl
Circl
added 2024/10/28 7:31 p.m.10 views

CVE-2024-48826

creationtimestamp| type| source ---|---|--- 2024-10-28 19:31:09+00:00| seen| None 2024-10-28 22:01:30+00:00| seen| https://t.me/cvedetector/9174 2026-07-05 08:07:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mpv4mgawro2l...

8.8CVSS7.2AI score0.01674EPSS
Exploits1References2
Circl
Circl
added 2024/10/28 5:52 p.m.8 views

CVE-2024-50460

creationtimestamp| type| source ---|---|--- 2024-10-28 17:52:11+00:00| seen| None 2024-10-28 20:21:02+00:00| seen| https://t.me/cvedetector/9158...

5.9CVSS4.8AI score0.00241EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/10/21 12:0 a.m.8 views

Gradio < 4.37.1 Open Redirect

Gradio before version 4.37.1 suffer from an open redirect vulnerability, allowing an attacker to craft a link and try redirecting target applications users to a malicious server. This detection is included in the AI and LLM category. No source data...

6.1CVSS7.1AI score0.01021EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/10/15 12:0 a.m.8 views

Apache Tapestry Arbitrary File Read

Apache Tapestry versions 5.4.0 5.6.2 and 5.7.0 5.7.1 allows an unauthenticated attacker to access Class files via a specially crafted request. If the value of 'tapestry.hmac-passphrase' is recovered, this vulnerability can be exploited to obtain arbitrary code execution through the value of the...

10CVSS8AI score0.94089EPSS
Exploits5References5
Circl
Circl
added 2024/10/14 8:1 p.m.13 views

CVE-2024-45733

creationtimestamp| type| source ---|---|--- 2024-10-14 20:01:33+00:00| seen| https://t.me/cvedetector/7842 2024-10-15 08:56:39+00:00| seen| Telegram/ogWYXRd5jkGfb4csux216rM-nxQYrbB7cGOQSlND5a7 2024-10-18 12:28:37+00:00| seen| None 2025-01-15 17:55:00+00:00| seen|...

8.8CVSS7.2AI score0.01092EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.8 views

Sequelize Configuration File Detected

Sequelize is a promise-based Node.js ORM tool for databases engines. Sequelize CLI uses by default a configuration file in 'config' directory to store the environment and database information. By accessing it, an attacker could leverage the vulnerability to gain unauthorized and privileged access...

7.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/06 12:0 a.m.27 views

Nginx 1.5.13 < 1.26.2 Buffer Over-read

According to its Server response header, the installed version of nginx is 1.5.13 to 1.26.2 or 1.27.0. It is, therefore, affected by a security issue was identified in the ngxhttpmp4module, which might allow an attacker to cause a worker process crash by using a specially crafted mp4 file...

5.7CVSS5.3AI score0.0032EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/06 12:0 a.m.11 views

Flowise < 2.0.6 Authentication Bypass

Flowise versions prior to 2.0.6 are vulnerable to an authentication bypass allowing a remote and unauthenticated attacker to perform administrative actions through the REST API. No source data...

9.8CVSS7.8AI score0.42783EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/09/06 12:0 a.m.290 views

Nginx 1.27.0 Buffer Over-read

According to its Server response header, the installed version of nginx is 1.5.13 to 1.26.2 or 1.27.0. It is, therefore, affected by a security issue was identified in the ngxhttpmp4module, which might allow an attacker to cause a worker process crash by using a specially crafted mp4 file...

5.7CVSS5.3AI score0.0032EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/03 12:0 a.m.12 views

Gradio Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Gradio instance on the target application. Gradio is a software to build machine learning apps in Python. This detection is included in the AI and LLM category. No source data...

7.2AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/03 12:0 a.m.15 views

FCKEditor Unsupported Version

The installation of FCKEditor detected on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. No source data...

7.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/03 12:0 a.m.10 views

Laravel Pulse Unrestricted Access

Laravel Pulse is a Laravel package that provides information about application performance. If an attacker gains access to this dashboard, he can retrieve sensitive information, notably from stack traces or endpoints. No source data...

6.8AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.6 views

Ivanti EPM Cloud Services Appliance < 4.6.0-512 Remote Code Execution

Ivanti EPM Cloud Services Appliance versions prior to 4.6.0-512 is affected by a vulnerability allowing an unauthenticated attacker to execute remote code via a specially forged request with limited permissions nobody. No source data...

9.8CVSS8.2AI score0.99105EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2024/07/05 12:0 a.m.15 views

Apache 2.4.60 Source Code Disclosure

According to its banner, the version of Apache running on the remote host is 2.4.60. It is, therefore, affected by a source code disclosure with handlers configured via AddType. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...

6.2CVSS7.5AI score0.00889EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.12 views

Ray Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Ray instance on the target application. Ray is an open-source framework to build and scale Machine Learning ML and Python applications. This detection is included in the AI and LLM category. No...

7.2AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/26 12:0 a.m.291 views

WordPress 6.3.x < 6.3.5 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A Cross-Site Scripting XSS vulnerability affecting the HTML API. - A Cross-Site Scripting XSS vulnerability affecting the Template Part block. - A path traversal issue...

6.2AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/26 12:0 a.m.10 views

Chatgpt.js Detected

This is an informational plugin to inform the user that the scanner has detected the usage of the ChatGPT.JS client-side library on the target application. This detection is included in the AI and LLM category. No source data...

7.2AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/20 12:0 a.m.41 views

Atlassian Jira 9.13.x < 9.16.0 Information Disclosure

According to its self-reported version number, the Atlassian Jira application running on the remote host is prior to 9.4.21, 9.5.x prior to 9.12.8 or 9.13.x prior to 9.16.0. It is, therefore, affected by an information disclosure vulnerability. Note that the scanner has not tested for these issue...

7.4CVSS7AI score0.00439EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/20 12:0 a.m.15 views

AnythingLLM Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible AnythingLLM instance on the target application. AnythingLLM let you choose between different LLM or vector database to use and allow to convert any document or content into references that the...

7.2AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/20 12:0 a.m.11 views

Flowise Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Flowise instance on the target application. Flowise is a builder for LLM applications. This detection is included in the AI and LLM category. No source data...

7.2AI score
Exploits0References2
Rows per page
Query Builder