Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2026/03/13 9:22 p.m.1 views

EUVD-2026-12175

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, The two generic system-preferences endpoints allow manager role access, while every other surface that touches the same settings is restricted to admi...

3.8CVSS5.8AI score0.00047EPSS
Exploits1References2
OSV
OSVadded 2025/11/24 5:16 p.m.0 views

CVE-2025-63958

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...

9.8CVSS5.8AI score0.0037EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/11/18 6:58 a.m.4 views

CVE-2025-13163

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system frontend...

6.9CVSS6.9AI score0.00048EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/11/17 6:17 a.m.2 views

CVE-2025-13163 Digiwin|EasyFlow GP - Insufficiently Protected Credentials

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system frontend...

6.9CVSS6.6AI score0.00048EPSS
Exploits0References2
CVE
CVEadded 2025/11/17 6:17 a.m.7 views

CVE-2025-13163

CVE-2025-13163 affects EasyFlow GP by Digiwin. The issue is insufficient protection of credentials in the system frontend, enabling privileged remote attackers to obtain plaintext database credentials. Impact is high on confidentiality per the CVSS metrics; exploitation details and a concrete fix...

6.9CVSS6.6AI score0.00048EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/11/17 12:0 a.m.1 views

Digiwin EasyFlow GP 安全漏洞

Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which stems from insufficient credential protection and could allow a privileged remote attacker to gain access to plaintext database credentials...

6.9CVSS6.9AI score0.00048EPSS
Exploits0References2
GithubExploit
GithubExploitadded 2025/09/03 12:3 a.m.148 views

Project-Frame-Jacking-The-Gallery-Heist

Executive Summary A comprehensive penetration test was conduc...

9.4AI score
Exploits0
Cvelist
Cvelistadded 2019/06/12 2:6 p.m.20 views

CVE-2019-3947

Fuji Electric V-Server before 6.0.33.0 stores database credentials in project files as plaintext. An attacker that can gain access to the project file can recover the database credentials and gain access to the database server...

9.6AI score0.00415EPSS
Exploits1References2
Rows per page
Query Builder