Lucene search

6 matches found

NCSC
added 2026/02/10 7:7 p.m., 38 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Visual Studio and .NET components. A malicious party could exploit the vulnerabilities to bypass security measures, grant themselves elevated privileges and potentially execute arbitrary code with the victim's privileges. For successful abuse, the...

CVSS: 8.8, AI score: 6.5, EPSS: 0.01357
Exploits: 0
OSV
added 2024/04/03 9:31 p.m., 21 views

GHSA-QGM9-RXMQ-JXMQ Concrete CMS Stored XSS in the Search Field

Concrete CMS version 9 prior to 9.2.8 and previous versions prior to 8.5.16 are vulnerable to Stored XSS in the Search Field. Prior to the fix, stored XSS could be executed by an administrator changing a filter to which a rogue administrator had previously added malicious code. The Concrete CMS...

CVSS: 3.1, AI score: 4.2, EPSS: 0.00359
Exploits: 0, References: 6
The Hacker News
added 2023/01/25 4:11 p.m., 178 views

Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages

A massive campaign has infected over 4,500 WordPress websites as part of a long-running operation that's been believed to be active since at least 2017. According to GoDaddy-owned Sucuri, the infections involve the injection of obfuscated JavaScript hosted on a malicious domain named...

AI score: 0.4
Exploits: 0
NCSC
added 2021/11/02 12:0 a.m., 4 views

Vulnerabilities related to Unicode fixed

Researchers from the universities of Cambridge and Edinburgh have developed attack methods for compromising open-source software. This involves the abuse of Unicode control characters. By placing control characters in the source code at tactical places, source code is...

CVSS: 8.3, AI score: 9.4, EPSS: 0.12205
Exploits: 5
NCSC
added 2021/09/23 12:0 a.m., 4 views

Vulnerability fixed in Mattermost

A vulnerability has been fixed in Mattermost. The vulnerability allows a remote malicious person to execute arbitrary code under user privileges. To do this, the malicious party must induce the victim to enter rogue code. Mattermost has released updates to fix the...

CVSS: 6.1, AI score: 7.5, EPSS: 0.00611
Exploits: 0
ThreatPost
added 2021/03/03 7:12 p.m., 43 views

Malicious Code Bombs Target Amazon, Lyft, Slack, Zillow

Researchers have spotted malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow among others inside the npm public code repository — all of which exfiltrate sensitive information. The packages weaponize a proof-of-concept (PoC) code dependency-confusion exploit that w...

AI score: 7.2
Exploits: 0, References: 6