7 matches found
CVE-2026-49237 Local Privilege Escalation in Canonical Multipass
An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd daemon binary to root:wheel, five co-located binaries multipass, qemu-img, qemu-system-aarch64,...
Deserialization of Untrusted Data
Overview cpsit/typo3-mailqueue is a TYPO3 CMS extension to improve TYPO3's mail spooler with additional components. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization process. An attacker can execute arbitrary code by providing malicious...
CVE-2025-66461
FULLBACK Manager Pro provided by GS Yuasa International Ltd. registers two Windows services with unquoted file paths. A user may execute arbitrary code with SYSTEM privilege if they have write permission on the path to the directory where the affected product is installed...
CVE-2025-64185
Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, Open OnDemand packages create world writable locations in the GEMPATH. Open OnDemand versions 4.0.8 and 3.1.16 have been patched for this vulnerability...
Open OnDemand security vulnerability
Open OnDemand is an open source implementation of Open Interactive HPC over the Web from Ohio Supercomputer Center. A security vulnerability exists in Open OnDemand versions prior to 4.0.8 and prior to 3.1.16, which stems from the presence of a globally writable location in GEMPATH...
CVE-2025-27237
In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL...
Chocolatey Boxstarter has an unspecified vulnerability
Chocolatey Boxstarter is a virtual machine management software for installing virtual Windows environments from Chocolatey, USA. A security vulnerability exists in Boxstarter installer versions prior to 2.13.0 that originates from configuring C:\ProgramData\Boxstarter to be in the system-wide PATH...