Lucene search

8 matches found

Snyk
added 2026/05/06 9:43 p.m. · 5 views

Cross-site Scripting (XSS)

Overview: @jupyterlab/rendermime-extension is a rendermime extension for JupyterLab. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute arbitra...

9.3 CVSS · 5.9 AI score · 0.00061 EPSS
Exploits 0 · References 2
SUSE CVE
added 2026/03/28 12:24 a.m. · 1 view

SUSE CVE-2026-33670

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. Version 3.6.2 patches the issue...

9.8 CVSS · 5.8 AI score · 0.00031 EPSS
Exploits 1 · References 3
OSV
added 2026/03/26 9:15 p.m. · 2 views

CVE-2026-33670 SiYuan has directory traversal within its publishing service

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. Version 3.6.2 patches the issue...

9.8 CVSS · 6.3 AI score · 0.00031 EPSS
Exploits 1 · References 3
Github Security Blog
added 2026/03/25 7:38 p.m. · 2 views

SiYuan has directory traversal within its publishing service

Details: The /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. PoC (python): !/usr/bin/env python3 """POC: SiYuan /api/file/readDir unauthenticated directory traversal""" import requests, json, sys def poctarget: base = target.rstrip"/" url = f"base/api/file/readDir"...

9.8 CVSS · 5.9 AI score · 0.00031 EPSS
Exploits 1 · References 3 · Affected Software 1
Positive Technologies
added 2026/03/25 12:00 a.m. · 1 view

PT-2026-28171

Name of the Vulnerable Software and Affected Versions: SiYuan versions prior to 3.6.2 Description: SiYuan, a personal knowledge management system, contains a directory traversal issue in the /api/file/readDir interface. This interface was used to retrieve file names under a notebook without proper...

9.8 CVSS · 5.9 AI score · 0.00031 EPSS
Exploits 1 · References 9
OSV
added 2025/02/07 3:15 p.m. · 0 views

UBUNTU-CVE-2024-10383

An issue has been discovered in the gitlab-web-ide-vscode-fork component distributed over CDN affecting all versions prior to 1.89.1-1.0.0-dev-20241118094343 and used by all versions of GitLab CE/EE starting from 15.11 prior to 17.3 and which also temporarily affected versions 17.4, 17.5 and 17.6,...

8.7 CVSS · 5.7 AI score · 0.00431 EPSS
Exploits 0 · References 4
OSV
added 2021/11/05 12:15 a.m. · 0 views

UBUNTU-CVE-2021-39906

Improper validation of ipynb files in GitLab CE/EE version 13.5 and above allows an attacker to execute arbitrary JavaScript code on the victim's behalf...

8.7 CVSS · 7.2 AI score · 0.01 EPSS
Exploits 0 · References 2
Positive Technologies
added 2021/11/04 12:00 a.m. · 2 views

PT-2021-22753 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.5 and above Description: The issue arises from improper validation of ipynb files, allowing an attacker to execute arbitrary JavaScript code on the victim's behalf. This enables the attacker to perform actions as the...

8.7 CVSS · 7.6 AI score · 0.01 EPSS
Exploits 0 · References 11