8 matches found

RedhatCVE
added 2026/04/07 11:1 p.m. | 2 views

CVE-2026-35021

Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in the prompt editor invocation utility that allows attackers to execute arbitrary commands by crafting malicious file paths. Attackers can inject shell metacharacters such as $ or backtick expressions in...

CVSS 8.4 | AI score 6.2 | EPSS 0.00041
Exploits: 0 | References: 1

CNNVD
added 2026/01/28 12:0 a.m. | 5 views

Gear Box Computers IP Watcher code issues and vulnerabilities

Gear Box Computers IP Watcher is a network monitoring tool developed by Gear Box Computers. Version 3.0.0.30 of Gear Box Computers IP Watcher has a code vulnerability; this vulnerability stems from Windows service configurations that include service paths without quotes, which may allow arbitrary...

CVSS 8.5 | AI score 6 | EPSS 0.00008
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2002-0284

Malware in sbrugna...

CVSS 10 | AI score 6.4 | EPSS 0.0069
Exploits: 0 | References: 5

NVD
added 2025/02/25 3:15 p.m. | 2 views

CVE-2025-26943

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jürgen Müller Easy Quotes easy-quotes allows Blind SQL Injection. This issue affects Easy Quotes: from n/a through = 1.2.2...

CVSS 9.3 | EPSS 0.00052
Exploits: 0 | References: 1

RedHat Linux
added 2025/02/25 11:35 a.m. | 3 views

tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method

A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick t...

CVSS 5.5 | AI score 5.7 | EPSS 0.00033
Exploits: 0 | References: 6

Cvelist
added 2025/02/16 10:17 p.m. | 11 views

CVE-2025-22289 WordPress LTL Freight Quotes – Unishippers Edition plugin <= 2.5.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – Unishippers Edition ltl-freight-quotes-unishippers-edition allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LTL Freight Quotes – Unishippers Edition: from n/a through = 2.5.8...

CVSS 6.5 | EPSS 0.0008
Exploits: 0 | References: 1

ATTACKERKB
added 2025/01/22 3:15 p.m. | 4 views

CVE-2025-23682

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bhuvnesh Gupta Preloader Quotes preloader-quotes allows Reflected XSS. This issue affects Preloader Quotes: from n/a through = 1.0.0...

CVSS 7.1 | AI score 7.2 | EPSS 0.00346
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 3:53 a.m. | 1 views

SUSE CVE-2020-26298

Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the :escapehtml opti...

CVSS 5.4 | AI score 8 | EPSS 0.01127
Exploits: 0 | References: 5