Lucene search
6 matches found

GitHub Security Blog
added yesterday, 6 views

GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution

Summary: A GeoServer that uses ENTITY_RESOLUTION_ALLOWLIST may allow an attacker to perform unauthenticated Server-Side Request Forgery (SSRF). Details: This vulnerability requires that GeoServer is set up to use a proxy base URL and the ENTITY_RESOLUTION_ALLOWLIST default since 2.25.0: Impact: This...

5.3 AI score
Exploits: 0, References: 3, Affected Software: 2
Cvelist
added 2025/10/01 7:26 a.m., 6 views

CVE-2025-11226 Conditional processing of logback.xml configuration file, in conjunction with Spring Framework and Janino

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program...

5.9 CVSS, 0.00067 EPSS
Exploits: 0, References: 2
Grafana
added 2024/10/17 12:00 a.m., 4 views

Grafana SQL Expressions allow for remote code execution

The SQL Expressions experimental feature of Grafana allows for the evaluation of duckdb queries containing user input. These queries are insufficiently sanitized before being passed to duckdb, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or high...

9.9 CVSS, 6.8 AI score, 0.94047 EPSS
Exploits: 9
Citrix
added 2024/07/13 12:00 a.m., 7 views

Error: "Cannot connect to server. Try again in a few minutes" on StoreFront

The end user is unable to add the Store to Receiver unless the full Store path is appended. Example: https://SF-FQDN/Citrix/; - Add Store is successful; https://SF-FQDN - Add Store fails. After the user is prompted for credentials, an error message appears: "Cannot connect to server. Try again in a few...

7.1 AI score
Exploits: 0
OSV
added 2023/10/05 9:15 p.m., 1 view

DEBIAN-CVE-2023-39323

Line directives "//line" can be used to bypass the restrictions on "//go:cgo" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of...

8.1 CVSS, 9.4 AI score, 0.0006 EPSS
Exploits: 0, References: 1
OSV
added 2023/10/05 9:15 p.m., 2 views

UBUNTU-CVE-2023-39323

Line directives "//line" can be used to bypass the restrictions on "//go:cgo" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of...

8.1 CVSS, 7.2 AI score, 0.0006 EPSS
Exploits: 0, References: 11