8 matches found

CNNVD
added 2026/02/02 12:0 a.m. · 3 views

free5GC code issue vulnerability

free5GC is an open-source project for the 5th generation (5G) mobile core network. Versions of free5GC prior to 1.4.1 contained code vulnerabilities. These vulnerabilities stemmed from incorrect operations on the function HandleCreateSmPolicyRequest in the file internal/sbi/processor/smpolicy.go,...

7.5 CVSS · 6.1 AI score · 0.00053 EPSS
Exploits: 1 · References: 9
NVD
added 2026/01/22 3:15 a.m. · 2 views

CVE-2026-24006

Seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, serialization of objects with extreme depth can exceed the maximum call stack limit. In version 1.4.1, Seroval introduces a depthLimit parameter in...

7.5 CVSS · 0.00041 EPSS
Exploits: 0 · References: 2
CNNVD
added 2024/05/14 12:0 a.m. · 3 views

ZKsync Era security vulnerability

ZKsync Era is an open source compiler from Matter Labs. A security vulnerability exists in ZKsync Era versions prior to 1.4.1, which stems from a conversion error...

5.9 CVSS · 6.6 AI score · 0.00304 EPSS
Exploits: 0 · References: 3
Positive Technologies
added 2023/12/22 12:0 a.m. · 3 views

PT-2023-31802 · Hertzbeat · Hertzbeat

Name of the Vulnerable Software and Affected Versions: Hertzbeat versions prior to 1.4.1

Description: Hertzbeat is an open-source, real-time monitoring system that uses aviatorscript to evaluate alert expressions. Due to improper sanitization for alert expressions, a malicious user can use a...

8.8 CVSS · 7.5 AI score · 0.00651 EPSS
Exploits: 1 · References: 9
SUSE CVE
added 2023/02/15 6:18 a.m. · 1 views

SUSE CVE-2005-1689

Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions...

9.8 CVSS · 8.9 AI score · 0.55203 EPSS
Exploits: 0 · References: 4
ATTACKERKB
added 2022/08/22 3:15 p.m. · 2 views

CVE-2022-2593

The Better Search Replace WordPress plugin before 1.4.1 does not properly sanitise and escape table data before inserting it into a SQL query, which could allow high privilege users to perform SQL Injection attacks...

7.2 CVSS · 7.1 AI score · 0.00566 EPSS
Exploits: 2 · References: 2
ATTACKERKB
added 2012/07/31 5:55 p.m. · 4 views

CVE-2012-3442

The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a data: URL...

4.3 CVSS · 4.9 AI score · 0.00496 EPSS
Exploits: 1 · References: 8
RedHat Linux
added 2011/11/16 11:49 p.m. · 2 views

jruby: XSS in the regular expression engine when processing invalid UTF-8 byte sequences

The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not properly handle characters immediately after a UTF-8 character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string...

4.3 CVSS · 5.7 AI score · 0.00425 EPSS
Exploits: 1 · References: 4