Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

Veracode
Veracodeadded 2026/05/14 6:34 p.m.5 views

Authentication Bypass

s3-proxy is vulnerable to Authentication Bypass. The vulnerability is due to inconsistent URL path interpretation between the authentication middleware and bucket handler, which allows an attacker to bypass access controls and perform unauthorized operations on protected S3 objects...

9.4CVSS5.8AI score0.00197EPSS
Exploits0References5Affected Software1
CNNVD
CNNVDadded 2026/05/04 12:0 a.m.5 views

vm2 安全漏洞

vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using Node.js built-in modules listed in the allowlist. Version 3.10.4 of vm2 contains security vulnerabilities. Attackers can exploit these vulnerabilities to obtain host process objects...

9.8CVSS6.1AI score0.00118EPSS
Exploits1References1
NVD
NVDadded 2025/10/16 6:15 p.m.3 views

CVE-2025-61907

Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information tha...

7.1CVSS0.00043EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/16 5:11 p.m.3 views

EUVD-2025-34794

Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information tha...

7.1CVSS5.8AI score0.00043EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2017-16806

Malware in sbrugna...

5.3CVSS7.4AI score0.00331EPSS
Exploits0References8
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-7051

Malware in sbrugna...

9.8CVSS9.2AI score0.00504EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/08/14 2:24 a.m.4 views

CVE-2025-42936

The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles, this issue allows authenticated users to access restricted objects in the barcode interface, leading to privilege escalation. This results in a low impac...

5.4CVSS7AI score0.00057EPSS
Exploits0References1
OSV
OSVadded 2025/03/24 7:15 p.m.0 views

CVE-2025-2746

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through...

9.8CVSS5.8AI score0.89733EPSS
Exploits1References5
CNVD
CNVDadded 2018/07/11 12:0 a.m.2 views

Microsoft Edge Information Disclosure Vulnerability (CNVD-2018-12880)

Edge is Microsoft's browser for Windows 10. Microsoft Edge suffers from an information disclosure vulnerability. The vulnerability stems from Microsoft Edge failing to properly handle objects in memory. An attacker could exploit the vulnerability to obtain information that could further compromis...

4.3CVSS4.5AI score0.05625EPSS
Exploits0References1
NVD
NVDadded 2003/12/01 5:0 a.m.14 views

CVE-2003-0935

Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed...

6.4CVSS6.3AI score0.00862EPSS
Exploits0References6
Rows per page
Query Builder