Lucene search

8 matches found

RedhatCVE
added 2025/05/23 6:52 a.m., 2 views

CVE-2024-28139

The www-data user can elevate its privileges because sudo is configured to allow the execution of the mount command as root without a password. Therefore, the privileges can be escalated to the root user. The risk has been accepted by the vendor and won't be fixed in the near future...

8.8 CVSS, 7.2 AI score, 0.00288 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/03/12 3:10 p.m., 8 views

CVE-2025-1497

A vulnerability that could result in Remote Code Execution (RCE) has been found in PlotAI. Lack of validation of LLM-generated output allows an attacker to execute arbitrary Python code. The vendor commented out the vulnerable line; further usage of the software requires uncommenting it and thus accepting t...

9.8 CVSS, 8.3 AI score, 0.05573 EPSS
Exploits: 0, References: 1

NVD
added 2024/12/11 4:15 p.m., 10 views

CVE-2024-28139

The www-data user can elevate its privileges because sudo is configured to allow the execution of the mount command as root without a password. Therefore, the privileges can be escalated to the root user. The risk has been accepted by the vendor and won't be fixed in the near future...

8.8 CVSS, 0.00288 EPSS
Exploits: 0, References: 2

CVE
added 2024/12/11 3:36 p.m., 52 views

CVE-2024-28139

The CVE-2024-28139 issue involves the www-data user gaining root privileges because sudo is configured to permit the mount command to run as root without a password. This is a privilege escalation via sudo misconfiguration, not a flaw in a specific application feature. The current narrative acros...

8.8 CVSS, 6.8 AI score, 0.00288 EPSS
Exploits: 0, References: 2

Cvelist
added 2024/12/11 3:36 p.m., 22 views

CVE-2024-28139 Privilege escalation through sudo misconfiguration

The www-data user can elevate its privileges because sudo is configured to allow the execution of the mount command as root without a password. Therefore, the privileges can be escalated to the root user. The risk has been accepted by the vendor and won't be fixed in the near future...

0.00288 EPSS
Exploits: 0, References: 1

Code423n4
added 2023/08/07 12:0 a.m., 9 views

the check in checkExpectedBalances only allows 2% slippage, which could be insufficient in volatile markets and lock user funds.

Lines of code; Vulnerability details; Impact: This would cause the check to fail and revert the transaction, locking the user's funds. Proof of Concept: In volatile markets, the price could move more than 2% between when the user sends the transactions and when it gets mined. This would cause the chec...

6.8 AI score
Exploits: 0

The Coalfire Blog
added 2018/06/07 8:54 p.m., 11 views

A Cyber Engineering Primer: Vulnerability Management Lifecycle

According to the SANS Institute, "Vulnerability management is the process in which vulnerabilities in IT are identified and the risks of these vulnerabilities are evaluated. This evaluation leads to correcting the vulnerabilities and removing the risk or a formal risk acceptance by the management...

2.2 AI score
Exploits: 0

The Coalfire Blog
added 2011/12/08 2:42 p.m., 6 views

What is Your Risk Assessment Worth?

A risk assessment provides your organization with a tool to determine how, where and how much to invest in controls and security over technology. It also serves to document the risk acceptance policy of your organization as the acceptable level of risk dictates the level of controls to be...

2.6 AI score
Exploits: 0