Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Cvelist
Cvelistadded 2026/05/27 1:50 p.m.35 views

CVE-2024-56462 IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system...

7.2CVSS0.00051EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/11 7:8 a.m.2 views

CVE-2026-27685

SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system...

9.1CVSS5.8AI score0.00066EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/02/17 12:0 a.m.3 views

PT-2026-20246

Name of the Vulnerable Software and Affected Versions IBM watsonx.data versions 2.2 through 2.2.1 Description A privileged user may be able to upload malicious files to IBM Lakehouse. These files could be executed on the server, potentially allowing modification of limited files or data...

3.8CVSS5.3AI score0.00037EPSS
Exploits0References4
NVD
NVDadded 2026/01/22 12:15 p.m.2 views

CVE-2025-67684

Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart allows a privileged user to upload arbitrary file contents while only validating the filename extension. This allows an attacker to include and execute uploaded PHP code,...

9.4CVSS0.00207EPSS
Exploits0References2
CVE
CVEadded 2026/01/22 11:57 a.m.7 views

CVE-2025-67684

CVE-2025-67684 : Quick.Cart is vulnerable to Local File Inclusion and Path Traversal in the theme selection mechanism. A privileged user can upload arbitrary file contents and, since only the filename extension is validated, include and execute uploaded PHP code, causing Remote Code Execution on ...

9.4CVSS6.2AI score0.00207EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2023/10/16 12:15 a.m.13 views

Input validation

IBM Security Verify Governance 10.0 could allow a privileged use to upload arbitrary files due to improper file validation. IBM X-Force ID: 259382...

5.8CVSS6.6AI score0.00069EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blogadded 2023/07/07 9:20 p.m.32 views

Winter CMS stored XSS through privileged upload of SVG file

Impact Users with the backend.managebranding permission can upload SVGs as the application logo. Previously, SVG uploads were not sanitized, which could have allowed a stored XSS attack. Although this was a security issue, it's important to note that its severity is low. To exploit the...

4.8CVSS6.2AI score0.01317EPSS
Exploits4References7Affected Software1
OSV
OSVadded 2023/06/15 3:15 a.m.1 views

CVE-2022-33166

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 228586...

7.2CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder