Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

RedhatCVE
RedhatCVEadded 2026/01/10 5:41 a.m.3 views

CVE-2025-67280

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged user to extract passwords of other users and access sensitive data of another user...

5.4CVSS7.2AI score0.00008EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 8:36 a.m.24 views

CVE-2020-12271

A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration HTTPS service or the User Portal exposed on the WAN zone. A successful attack...

10CVSS8.7AI score0.86647EPSS
Exploits1References1
OSV
OSVadded 2026/01/05 11:50 p.m.2 views

MAL-2026-924 Malicious code in auto-backup-macos (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64b97d3c3597539dc5a2cc2d81491eb2a0350011b3d80ef927546bc30701f924 Package performs a "backup" of files to a remote location. This functionality is clearly described, but the user has no control over the remote location where...

5.7AI score
Exploits0References10
RedhatCVE
RedhatCVEadded 2025/11/07 7:58 p.m.3 views

CVE-2022-50594

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘data’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitati...

8.8CVSS8.2AI score0.00132EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-9043

Malware in sbrugna...

4.9CVSS5.2AI score0.0007EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-29955

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00176EPSS
Exploits1References6
CNNVD
CNNVDadded 2024/11/04 12:0 a.m.1 views

Bitrix24 安全漏洞

Bitrix24 is a suite of enterprise social platforms from Bitrix USA. The platform includes features such as online communication, calendar management and CRM Customer Relationship Management. A security vulnerability exists in Bitrix24 version 23.300.100, which originates from a remote administrat...

6.8CVSS7.1AI score0.00146EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/08/19 9:59 a.m.3 views

Malicious code in thethreadingassistant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 762eff7d2ce4176f6050d35736ba93b5853e8519e760522372aced785a146e59 Infostealer exfiltrating cookies, history and passwords from the Google Chrome browser, as well as attempting to do a webcam photo. Data are sent to a Discord...

7.2AI score
Exploits0References1
Cvelist
Cvelistadded 2023/08/03 12:0 a.m.11 views

CVE-2023-33368

Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes...

6.6AI score0.00212EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/08/03 12:0 a.m.3 views

PT-2023-24316 · Control Id · Idsecure

Name of the Vulnerable Software and Affected Versions: Control ID IDSecure versions 4.7.26.0 and prior Description: The issue allows some API routes to exfiltrate sensitive information and passwords to users accessing these routes. Recommendations: For Control ID IDSecure versions 4.7.26.0 and...

6.5CVSS6.3AI score0.00212EPSS
Exploits0References4
OSV
OSVadded 2023/03/18 10:16 p.m.4 views

MGASA-2023-0099 Updated epiphany packages fix security vulnerability

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. CVE-2023-26081...

7.5CVSS7.5AI score0.00176EPSS
Exploits1References3
OSV
OSVadded 2023/03/17 11:5 a.m.3 views

OESA-2023-1175 epiphany security update

Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the Web content, instead of the browser application. Security Fixes: In Epiphany aka GNOME Web through 43.0, untrusted web content...

7.5CVSS6.9AI score0.00176EPSS
Exploits1References2
OSV
OSVadded 2023/03/04 11:4 a.m.3 views

OESA-2023-1139 epiphany security update

Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the Web content, instead of the browser application. Security Fixes: In Epiphany aka GNOME Web through 43.0, untrusted web content...

7.5CVSS6.9AI score0.00176EPSS
Exploits1References2
OSV
OSVadded 2023/02/20 3:15 a.m.2 views

DEBIAN-CVE-2023-26081

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...

7.5CVSS7.3AI score0.00176EPSS
Exploits1References1
Prion
Prionadded 2023/02/20 3:15 a.m.15 views

Code injection

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...

5CVSS7.4AI score0.00176EPSS
Exploits1References5Affected Software2
OSV
OSVadded 2023/02/20 3:15 a.m.0 views

UBUNTU-CVE-2023-26081

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...

7.5CVSS5.8AI score0.00176EPSS
Exploits1References4
CVE
CVEadded 2023/02/20 12:0 a.m.72 views

CVE-2023-26081

CVE-2023-26081 affects Epiphany (GNOME Web) up to version 43.0, where autofill can exfiltrate passwords from sandboxed content (e.g., CSP sandbox or iframe). Exploitation would require untrusted web content, but attackers could leverage sandbox context to access credentials. Remediation across di...

7.5CVSS7.3AI score0.00176EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2023/02/20 12:0 a.m.16 views

CVE-2023-26081

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...

7.6AI score0.00176EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2023/02/20 12:0 a.m.5 views

CVE-2023-26081

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...

6.7AI score0.00176EPSS
Exploits1References5
OSV
OSVadded 2020/04/27 4:15 a.m.2 views

CVE-2020-12271

A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration HTTPS service or the User Portal exposed on the WAN zone. A successful attack...

9.8CVSS7.9AI score0.86647EPSS
Exploits1References4
Rows per page
Query Builder