Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/05/05 12:0 a.m.5 views

PT-2026-37046

An issue that could allow a dashboard configuration to be viewed from outside of the authorized organization scope has been resolved. This is an instance of CWE-269: Improper Privilege Management, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N 5.0, Medium. This...

5CVSS5.7AI score0.00032EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/04/07 2:12 p.m.1 views

CVE-2026-5383

An issue that could allow access to Explorer groups from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L 4.4 Medium. This issue was fixed in...

4.4CVSS5.8AI score0.00061EPSS
Exploits0References3
CVE
CVEadded 2026/04/07 2:11 p.m.9 views

CVE-2026-5379

The CVE-2026-5379 issue affects the runZero Platform (MCP certification workflow). It describes a vulnerability where MCP agents could access certificate information outside their authorized organization scope due to improper authorization (CWE-863). The documented impact is low (CVSS v3.1: 3.0) ...

3CVSS5.8AI score0.00025EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/07 12:0 a.m.6 views

PT-2026-30873

An issue that allowed administrators to create and update users outside of their authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N 5.8 Medium. This issue was fix...

5.8CVSS5.8AI score0.00045EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/10/29 12:0 a.m.3 views

Grafana 安全漏洞

Grafana is a set of open source monitoring tools from Grafana open source that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana 10.4.0 and earlier versions, which...

2.7CVSS5.2AI score0.00216EPSS
Exploits0References2
Grafana
Grafanaadded 2024/10/28 12:0 a.m.4 views

Org admin can delete pending invites in different org

Organization admins can delete pending invites created in an organization they are not part of...

2.7CVSS6.7AI score0.00216EPSS
Exploits0
Carbon Black Blog
Carbon Black Blogadded 2019/10/07 4:0 p.m.60 views

Using MixMode and Carbon Black to Spot a Watering Hole Attack

For those not familiar with watering hole attacks, they are attacks on a specific place—such as a restaurant—that many people visit. They generally involve malicious code being injected into an iframe on the company’s website. In the case of a restaurant, for example, the online menu would be a...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2009/02/20 12:0 a.m.17 views

Dropbox Software Detection

Dropbox is installed on the remote host. Dropbox is an application for storing and synchronizing files between computers, possibly outside the organization. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid35717;...

5.6AI score
Exploits0References1
Rows per page
Query Builder