Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/03/17 12:0 a.m.10 views

PT-2026-25901

FOR ON-PREMISE INSTALLATIONS ONLY Straight from ISAO. No changes or additions. Summary: ConnectWise disclosed a new high-severity vulnerability in ScreenConnect on March 17, 2026, tracked as CVE-2026-3564 with a CVSS score of 9.0. The vulnerability relates to how server-level cryptographic materi...

9CVSS5.7AI score0.00362EPSS
Exploits0References19
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-51388

Malicious code in bioql PyPI...

8.1CVSS6.3AI score0.01044EPSS
Exploits0References2
NVD
NVDadded 2025/04/25 7:15 p.m.17 views

CVE-2025-3935

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...

8.1CVSS0.03348EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/04/25 6:27 p.m.33 views

CVE-2025-3935 ScreenConnect Exposure to ASP.NET ViewState Code Injection

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...

8.1CVSS0.03348EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/04/25 6:27 p.m.15 views

CVE-2025-3935 ScreenConnect Exposure to ASP.NET ViewState Code Injection

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...

8.1CVSS8.5AI score0.03348EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/04/24 12:0 a.m.4 views

PT-2025-17934

Name of the Vulnerable Software and Affected Versions ScreenConnect versions 25.2.3 and earlier Description The issue concerns a ViewState code injection attack in ScreenConnect, which uses ASP.NET Web Forms to preserve page and control state. The data is encoded using Base64 and protected by...

8.1CVSS9.5AI score0.03348EPSS
Exploits0References64
Packet Storm
Packet Stormadded 2024/02/24 12:0 a.m.691 views

ConnectWise ScreenConnect 23.9.7 Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ConnectWise ScreenConnect Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an authentication bypass vulnerability...

10CVSS7AI score0.99959EPSS
Exploits9
ATTACKERKB
ATTACKERKBadded 2022/09/28 8:57 a.m.3 views

CVE-2022-36781

ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration. Attackers could exploit this vulnerability to gain unauthorized access by repeatedly attempting...

5.3CVSS5.9AI score0.00457EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder