Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2024/04/03 7:15 p.m.9 views

CVE-2024-3178

Concrete CMS versions 9 below 9.2.8 and versions below 8.5.16 are vulnerable to Cross-site Scripting XSS in the Advanced File Search Filter. Prior to the fix, a rogue administrator could add malicious code in the file manager because of insufficient validation of administrator provided data. All...

4.8CVSS3.7AI score0.00359EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/04/03 6:50 p.m.14 views

CVE-2024-3179 Concrete CMS version 9 before 9.2.8 and previous versions before 8.5.16 are vulnerable to Stored XSS in the Custom Class page

Concrete CMS version 9 before 9.2.8 and previous versions before 8.5.16 are vulnerable to Stored XSS in the Custom Class page editing. Prior to the fix, a rogue administrator could insert malicious code in the custom class field due to insufficient validation of administrator provided data. The...

3.1CVSS3.7AI score0.00359EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/03/05 9:8 p.m.11 views

CVE-2024-2179 Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type

Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type since there is insufficient validation of administrator provided data for that field. A rogue administrator could inject malicious code into the Name field which might be executed when users visit t...

2.2CVSS3.3AI score0.00309EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/02/09 6:58 p.m.19 views

CVE-2024-1247 Concrete CMS version 9 before 9.2.5 vulnerable to stored XSS via the Role Name field

Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS via the Role Name field since there is insufficient validation of administrator provided data for that field. A rogue administrator could inject malicious code into the Role Name field which might be executed when users visit the...

2CVSS5.2AI score0.01244EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2021/01/20 2:50 p.m.19 views

CVE-2021-2074

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

8.2CVSS6.8AI score0.00493EPSS
Exploits0References2
CVE
CVEadded 2021/01/20 2:50 p.m.397 views

CVE-2021-2056

CVE-2021-2056 affects Oracle MySQL Server (component: Server: DML). Affected: MySQL 8.0.22 and earlier. An attacker with network access via multiple protocols and who has high privileges can exploit to cause a hang or crash (complete DoS). CVSS v3.1 base score 4.4 (Availability). No exploit detai...

6.3CVSS4.4AI score0.01729EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVASadded 2018/05/02 12:0 a.m.35 views

Fedora Update for xen FEDORA-2018-604574c943

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.9AI score0.02806EPSS
Exploits1References2
Rows per page
Query Builder