
8 matches found

Positive Technologies
added 2025/11/24 12:0 a.m. · 2 views

PT-2025-47949

Xtooltech Xtool AnyScan Android Application 4.40.40 is Missing Authentication for Critical Function. The server-side endpoint responsible for serving update packages for the application does not require any authentication. This allows an unauthenticated remote attacker to freely download official...

AI score: 7.1 · EPSS: 0.00063
Exploits: 1 · References: 3
OSV
added 2025/11/15 8:4 a.m. · 3 views

CVE-2025-6171 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker with reporter access to view branch names and pipeline details by accessing the packages API endpoint even wh...

CVSS: 5.3 · AI score: 6.2 · EPSS: 0.00019
Exploits: 0 · References: 6
CNNVD
added 2025/11/15 12:0 a.m. · 1 views

GitLab Security Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab CE and EE versions 13.2 through 18.3...

CVSS: 5.3 · AI score: 6.4 · EPSS: 0.00019
Exploits: 0 · References: 4
Positive Technologies
added 2025/11/15 12:0 a.m. · 1 views

PT-2025-47051

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.2 through 18.3.5; GitLab CE/EE versions 18.4 through 18.4.3; GitLab CE/EE versions 18.5 through 18.5.1. Description: An authenticated attacker with reporter access could view branch names and pipeline details by accessing...

CVSS: 5.3 · AI score: 6.5 · EPSS: 0.00019
Exploits: 0 · References: 5
RedhatCVE
added 2025/10/02 5:43 p.m. · 8 views

CVE-2025-57389

A reflected cross-site scripting (XSS) vulnerability in the /admin/system/packages endpoint of Luci OpenWRT v18.06.2 allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload. This vulnerability was fixed in OpenWRT v19.07.0...

CVSS: 5.4 · AI score: 6 · EPSS: 0.00026
Exploits: 0 · References: 1
CNNVD
added 2025/10/01 12:0 a.m. · 1 views

OpenWRT Luci LTS Security Vulnerability

OpenWRT Luci LTS is an OpenWRT open source web management interface for Linux distributions. A security vulnerability exists in OpenWRT Luci LTS version v18.06.2, which originates from the presence of reflective cross-site scripting in the /admin/system/packages endpoint, which could lead to the...

CVSS: 5.4 · AI score: 6.3 · EPSS: 0.00026
Exploits: 0 · References: 2
Positive Technologies
added 2024/04/22 12:0 a.m. · 2 views

PT-2024-24590

Name of the Vulnerable Software and Affected Versions: LibreNMS versions prior to 24.4.0. Description: A SQL injection vulnerability in the POST /search/search=packages endpoint in LibreNMS allows a user with global read privileges to execute SQL commands via the package parameter. This vulnerabilit...

CVSS: 8.8 · AI score: 8.3 · EPSS: 0.00151
Exploits: 1 · References: 12
Positive Technologies
added 2022/09/23 12:0 a.m. · 2 views

PT-2022-25196 · Unknown · Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: Online Tours & Travels Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/tour/admin/update packages.php" API endpoint...

CVSS: 7.2 · AI score: 7.1 · EPSS: 0.00274
Exploits: 1 · References: 2