
9 matches found

EUVD
added 2026/04/01 9:13 p.m., 3 views

EUVD-2026-17987

ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load...

4.7 CVSS, 5.9 AI score, 0.00004 EPSS
Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2018-21039

Malware in sbrugna...

7.2 CVSS, 6.7 AI score, 0.00379 EPSS
Exploits 5, References 5
EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2025-3975

Malicious code in bioql PyPI...

4.5 CVSS, 6.5 AI score, 0.00068 EPSS
Exploits 0, References 2
Hacker One
added 2025/06/27 9:42 a.m., 14 views

curl: arbitrary file read via `file://` path traversal with `--path-as-is`

Summary: Using --path-as-is with a file:// URL skips normalization of .. segments, allowing reading of any local file the process can access. Affected version: curl 8.15.0-DEV commit 2a9dfe275, June 27, 2025 on Kali Linux 2024.3, x86_64. Steps To Reproduce: 1. build curl with debug and ASan: git clon...

6.6 AI score
Exploits 0
RedhatCVE
added 2025/02/15 6:22 p.m., 4 views

CVE-2025-24889

The SecureDrop Client is a desktop application for journalists to communicate with sources and work with submissions on the SecureDrop Workstation. Prior to versions 0.14.1 and 1.0.1, an attacker who has already gained code execution in a virtual machine on the SecureDrop Workstation could gain...

4.5 CVSS, 7.2 AI score, 0.00068 EPSS
Exploits 0, References 1
Trellix
added 2021/11/02 12:0 a.m., 85 views

The Bug Report – October Edition

By Douglas McKee · November 02, 2021. Your Cyber Security Comic Relief. Figure 1. Apache server version 2.4.50 CVE-2021-42013. Why am I here? Regardless of the origins, you’ve arrived at Advanced Threat Research team’s monthly bug digest – an overview ...

0.3 AI score, 0.94432 EPSS
Exploits 184
ThreatPost
added 2019/12/13 9:45 p.m., 80 views

GitLab Doles Out Half a Million Bucks to White Hats

GitLab has awarded a total of $565,650 in security bug bounties to 171 researchers who reported valid vulnerabilities in the past year — and has announced the winners of its latest hacking contest. GitLab, which started out as a web-based Git repository manager before moving into the DevOps...

8.2 AI score
Exploits 0, References 11
NVD
added 2018/11/06 5:29 p.m., 15 views

CVE-2018-9445

In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...

7.2 CVSS, 6.7 AI score, 0.00379 EPSS
Exploits 5, References 3
CVE
added 2018/11/06 5:0 p.m., 84 views

CVE-2018-9445

CVE-2018-9445 describes a path traversal/privilege escalation chain in Android. The root issue: readMetadata in Utils.cpp can be fed a crafted label via blkid output that Vold uses to build a mount path, allowing a USB mass storage device to influence the path used for mounting (UUID/TYPE) and en...

7.2 CVSS, 6.7 AI score, 0.00379 EPSS
Exploits 5, References 3, Affected Software 1