7 matches found

Vulnrichment
added 2025/10/24 8:24 a.m. · 2 views

CVE-2025-10902 Originality.ai AI Checker <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) Scan Log Deletion via 'ai_scan_result_remove'

The Originality.ai AI Checker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ai_scan_result_remove' function in all versions up to, and including, 1.0.15. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVSS 4.3 · AI score 5.8 · EPSS 0.00034
Exploits: 0 · References: 3
CVE
added 2025/10/24 8:24 a.m. · 12 views

CVE-2025-10902

CVE-2025-10902 concerns the WordPress Originality.ai AI Checker plugin (versions up to and including 1.0.12). The issue is a missing capability check in the ai_scan_result_remove function, allowing authenticated attackers with Subscriber-level access or higher to delete all data in the wp_origina...

CVSS 4.3 · AI score 5.9 · EPSS 0.00034
Exploits: 0 · References: 3
Tenable Nessus
added 2025/09/03 12:00 a.m. · 2 views

Apache Tomcat 10.1.0-M1 < 10.1.44 Denial of Service

The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.108, 10.1.0-M1 prior to 10.1.44 or 11.0.0-M1 prior to 11.0.10. It is, therefore, affected by a denial of service vulnerability due to Tomcat's HTTP/2 implementation being vulnerable to the "made you reset" attack. Note tha...

CVSS 7.5 · AI score 7 · EPSS 0.01022
Exploits: 0 · References: 2
OSV
added 2024/06/12 4:15 p.m. · 1 views

CVE-2024-1891

A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page...

CVSS 5.4 · AI score 5.4
Exploits: 0 · References: 1
CVE
added 2024/06/12 3:56 p.m. · 67 views

CVE-2024-1891

The CVE-2024-1891 entry describes a stored cross-site scripting vulnerability in Tenable Security Center. An authenticated, remote attacker could inject HTML code into a web application scan result page due to inadequate input handling in the affected component/file. Relevant details show impact c...

CVSS 5.4 · AI score 4.6 · EPSS 0.00214
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2024/06/12 12:00 a.m. · 2 views

PT-2024-18398 · Tenable · Tenable Security Center

Name of the Vulnerable Software and Affected Versions: Tenable Security Center, affected versions not specified
Description: A stored cross site scripting issue exists, allowing an authenticated, remote attacker to inject HTML code into a web application scan result page.
Recommendations: At the...

CVSS 5.4 · AI score 6 · EPSS 0.00214
Exploits: 0 · References: 2
FreeBSD
added 2024/02/07 12:00 a.m. · 30 views

Gitlab -- vulnerabilities

Gitlab reports: Restrict group access token creation for custom roles; Project maintainers can bypass group's scan result policy block_branch_modification setting; ReDoS in CI/CD Pipeline Editor while verifying Pipeline syntax; Resource exhaustion using GraphQL vulnerabilitiesCountByDay...

CVSS 7.5 · AI score 7.4 · EPSS 0.02834
Exploits: 0 · References: 1