10 matches found

CNVD
added 2026/04/10 12:0 a.m., 2 views

Discourse Input Validation Error Vulnerability (CNVD-2026-17260)

Discourse is an open-source community discussion platform. The platform includes features such as community, e-mail and chat rooms. Discourse suffers from an input validation error vulnerability that originates when the enter operation in StaticController reads the...

CVSS 6.1 | AI score 5.7 | EPSS 0.00071
Exploits 0
RedhatCVE
added 2026/04/01 11:0 p.m., 1 views

CVE-2026-32113

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the enter action in StaticController reads the sso_destination_url cookie and redirects to it with allow_other_host: true...

CVSS 6.1 | AI score 5.7 | EPSS 0.00071
Exploits 0 | References 1
ATTACKERKB
added 2026/03/31 5:39 p.m., 2 views

CVE-2026-32113

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the enter action in StaticController reads the sso_destination_url cookie and redirects to it with allow_other_host: true...

CVSS 5 | AI score 5.7 | EPSS 0.00071
Exploits 0 | References 4 | Affected Software 1
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-48742

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.5 | EPSS 0.00337
Exploits 3 | References 1
RedhatCVE
added 2025/05/22 11:7 p.m., 18 views

CVE-2022-45895

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie findable in HTML source code for Default.aspx in some situations and the WhoAmI endpoint e.g., path disclosure...

CVSS 6.5 | AI score 6.8 | EPSS 0.00337
Exploits 3 | References 1
Prion
added 2022/12/25 5:15 a.m., 10 views

Path traversal

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie findable in HTML source code for Default.aspx in some situations and the WhoAmI endpoint e.g., path disclosure...

CVSS 4 | AI score 6.5 | EPSS 0.00337
Exploits 3 | References 1 | Affected Software 1
CVE
added 2022/12/25 12:0 a.m., 65 views

CVE-2022-45895

Planet eStream exposes sensitive information in versions prior to 6.72.10.07 due to issues involving the ON cookie (findable in Default.aspx HTML source) and the WhoAmI endpoint (path disclosure). The CVE-2022-45895 entry consolidates this information as a user-notification-style vulnerability wi...

CVSS 6.5 | AI score 7.1 | EPSS 0.00337
Exploits 3 | References 1 | Affected Software 1
Vulnrichment
added 2022/12/25 12:0 a.m., 4 views

CVE-2022-45895

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie findable in HTML source code for Default.aspx in some situations and the WhoAmI endpoint e.g., path disclosure...

AI score 6.5 | EPSS 0.00337
Exploits 3 | References 1
Cvelist
added 2022/12/25 12:0 a.m., 14 views

CVE-2022-45895

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie findable in HTML source code for Default.aspx in some situations and the WhoAmI endpoint e.g., path disclosure...

AI score 6.7 | EPSS 0.00337
Exploits 3 | References 1
Cvelist
added 2022/12/25 12:0 a.m., 13 views

CVE-2022-45893

Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative and high-privileged user accounts by changing the value of the ON cookie. A brute-force attack can calculate a value that provides permanent access...

AI score 9 | EPSS 0.00308
Exploits 3 | References 1