Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Malwarebytes
Malwarebytesadded 2026/04/07 10:45 a.m.5 views

Support platform breach exposes Hims & Hers customer data

Healthcare companies handle some of the most personal data imaginable. That makes them a magnet for hackers. And when those companies outsource their customer support to third-party platforms, every one of those platforms becomes another door someone can try to kick in. Telehealth giant Hims & He...

5.8AI score
Exploits0
EUVD
EUVDadded 2025/12/19 9:29 a.m.3 views

EUVD-2025-204523

The myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.9.7.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This...

4.3CVSS5AI score0.00034EPSS
Exploits0References4
NVD
NVDadded 2025/10/22 4:15 p.m.4 views

CVE-2025-62607

Nautobot Single Source of Truth SSoT is an app for Nautobot. Prior to version 3.10.0, an unauthenticated attacker could access this page to view the Service Now public instance name e.g. companyname.service-now.com. This is considered low-value information. This does not expose the Secret, the...

5.3CVSS0.00072EPSS
Exploits0References3
OSV
OSVadded 2025/04/28 9:31 a.m.2 views

GHSA-RC42-6C7J-7H5R Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed

EndpointRequest.to creates a matcher for null/ if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: You use Spring Security EndpointRequest.to has been used in a Spri...

7.3CVSS7AI score0.00181EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2022/09/14 12:0 a.m.4 views

PT-2022-7401 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.3 Description: The issue concerns the exposure of private information defined in the setup of GLPI, such as smtp or cas hosts, to unauthorized individuals. This exposure can be exploited remotely, allowing attacker...

10CVSS6.3AI score0.94395EPSS
Exploits40References205
The Hacker News
The Hacker Newsadded 2018/08/24 10:55 a.m.2 views

T-Mobile Hacked — 2 Million Customers' Personal Data Stolen

T-Mobile today confirmed that the telecom giant suffered a security breach on its US servers on August 20 that may have resulted in the leak of "some" personal information of up to 2 million T-Mobile customers. The leaked information includes customers' name, billing zip code, phone number, email...

6.4AI score
Exploits0
UbuntuCve
UbuntuCveadded 2015/10/06 5:59 p.m.19 views

CVE-2015-3862

mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a denial of service process crash via unspecified vectors, aka internal bug 22954006...

5CVSS5.9AI score0.0011EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2014/07/22 5:59 p.m.1 views

Mozilla: Out of bounds write in NSPR (MFSA 2014-55)

An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version o...

10CVSS7.3AI score0.02889EPSS
Exploits0References5
Rows per page
Query Builder