
8 matches found

Cvelist
added 2 days ago | 33 views

CVE-2026-49193 Publicly Readable AWS S3 Telemetry Buckets

Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet...

8.7 CVSS | 0.00034 EPSS
Exploits: 0 | References: 1
NVD
added 2022/09/15 4:15 p.m. | 16 views

CVE-2022-1798

A path traversal vulnerability in KubeVirt versions up to 0.56 and 0.55.1 on all platforms allows a user able to configure the kubevirt to read arbitrary files on the host filesystem which are publicly readable or which are readable for UID 107 or GID 107. /proc/self/ is not accessible...

8.7 CVSS | 0.0013 EPSS
Exploits: 1 | References: 1
GitLab Advisory Database
added 2022/09/15 12:0 a.m. | 20 views

KubeVirt vulnerable to arbitrary file read on host

As part of a Kubevirt audit performed by NCC group, a finding dealing with systemic lack of path sanitization which leads to a path traversal was identified. Google tested the exploitability of the paths in the audit report and identified that when combined with another vulnerability one of the...

1 AI score
Exploits: 0 | References: 5 | Affected Software: 1
CNVD
added 2018/08/17 12:0 a.m. | 2 views

All For One Information Disclosure Vulnerability

All For One is an Ether-based gambling game. An information disclosure vulnerability exists in the 'maxRandom' function in All For One's smart contract implementation, which stems from the program's use of publicly readable variables to generate arbitrary values. An attacker could use the...

7.5 CVSS | 7.3 AI score | 0.003 EPSS
Exploits: 0 | References: 1
Prion
added 2018/08/07 3:29 p.m. | 9 views

Design/Logic Flaw

The randMod function of the smart contract implementation for MyCryptoChamp, an Ethereum game, generates a random value with publicly readable variables such as the current block information and a private variable, which can be read with a getStorageAt call. Therefore, attackers can get powerful...

4.3 CVSS | 5.6 AI score | 0.02857 EPSS
Exploits: 1 | References: 3
0day.today
added 2016/11/12 12:0 a.m. | 23 views

WordPress W3 Total Cache 0.9.4.1 Race Condition Vulnerability

An information disclosure vulnerability was found in the W3 Total Cache plugin. This issue allows an attacker to hijack sensitive information, such as the administrator's session cookie. Exploiting the vulnerability is possible during a short period of time when an administrator submits the suppo...

6.3 AI score
Exploits: 0
Packet Storm
added 2016/11/11 12:0 a.m. | 32 views

WordPress W3 Total Cache 0.9.4.1 Race Condition

Information disclosure race condition in W3 Total Cache WordPress Plugin. Sipke Mellema, July 2016...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2004/09/29 12:0 a.m. | 24 views

Debian DSA-073-1 : imp - 3 remote exploits

The Horde team released version 2.2.6 of IMP a web-based IMAP mail program which fixes three security problems. Their release announcement describes them as follows : - A PHPLIB vulnerability allowed an attacker to provide a value for the array element $PHPLIBlibdir, and thus to get scripts from...

10 CVSS | 5.8 AI score | 0.30068 EPSS
Exploits: 3 | References: 4