7 matches found

CVE
added 2024/10/28 12:0 a.m., 122 views

CVE-2024-39205

CVE-2024-39205 affects pyload-ng (v0.5.0b3.dev85 and earlier) on Python 3.11 or below, exposing remote code execution via the /flash/addcrypted2 API. The root cause is the js2py sandbox escape (CVE-2024-28397) leveraged to bypass localhost access and run arbitrary commands on the host. Public dis...

9.8 CVSS, 8 AI score, 0.83924 EPSS
Exploits 4, References 3
NVD
added 2024/07/19 3:15 p.m., 9 views

CVE-2024-39962

D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21D240126 was discovered to contain a remote code execution (RCE) vulnerability in the ntpzoneval parameter at /goform/setntp. This vulnerability is exploited via a crafted HTTP request...

9.8 CVSS, 0.09852 EPSS
Exploits 1, References 1
Github Security Blog
added 2024/01/31 10:43 p.m., 24 views

BuildKit vulnerable to possible panic when incorrect parameters sent from frontend

Impact: A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. Patches: The issue has been fixed in v0.12.5. Workarounds: Avoid using BuildKit frontends from untrusted sources. A frontend image is usually specified as the syntax line on...

5.3 CVSS, 6.8 AI score, 0.0011 EPSS
Exploits 0, References 10, Affected Software 1
Prion
added 2023/12/14 2:15 a.m., 29 views

Remote code execution

A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker impersonating an administrator may craft a specific web request which may lead to remote code execution...

5.8 CVSS, 7.8 AI score, 0.03146 EPSS
Exploits 0, References 1, Affected Software 1
NVD
added 2022/09/21 7:15 p.m., 13 views

CVE-2021-43310

A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if the agent were being re-added to a verifier. This could lead to a remote code execution...

9.8 CVSS, 0.02758 EPSS
Exploits 1, References 2
OSV
added 2022/09/15 3:21 a.m., 14 views

GHSA-QCQV-38JG-2R43 Pageflow vulnerable to insecure direct object reference in membership update endpoint

Impact: Pageflow has a membership edit feature which allows users to edit the roles of user memberships associated with an account for which they have the manager role, including their own. While the Entity dropdown select field is greyed out in the UI, an attacker can use tools which allow sending...

7 AI score
Exploits 0, References 3
Cvelist
added 2022/06/24 7:46 a.m., 16 views

CVE-2022-32140 CODESYS runtime system prone to denial of service due to buffer copy

Multiple CODESYS products are affected by a buffer overflow. A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required...

6.5 CVSS, 6.8 AI score, 0.00333 EPSS
Exploits 0, References 1