Lucene search

7 matches found

Github Security Blog
added 2023/09/04 10:40 p.m., 21 views

Trigger `beforeFind` not invoked in internal query pipeline when fetching pointer

Impact: A Parse Pointer can be used to access internal Parse Server classes. It can also be used to circumvent the `beforeFind` query trigger, which can be an additional vulnerability for deployments where the `beforeFind` trigger is used as a security layer to modify an incoming query. Patches: The...

CVSS 7.5, AI score 6.8, EPSS 0.00268
Exploits: 0, References: 7, Affected Software: 1
Prion
added 2023/07/25 8:15 p.m., 18 views

Path traversal

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the "restore SQL data" filename. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file...

CVSS 7.5, AI score 9.4, EPSS 0.0013
Exploits: 0, References: 2, Affected Software: 2
Prion
added 2021/05/26 9:15 p.m., 19 views

Memory corruption

An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2. Internal users with administrator privileges, @cbq-engine-cbauth and @index-cbauth, leak credentials in cleartext in the indexer.log file when they make a /listCreateTokens, /listRebalanceTokens, or...

CVSS 4, AI score 5.1, EPSS 0.00135
Exploits: 0, References: 1, Affected Software: 1
Prion
added 2021/05/19 7:15 p.m., 16 views

Authentication flaw

An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect commands to the REST API can result in leaked authentication information being stored in cleartext in the debug.log and info.log files, and is also shown in the UI visible to administrators...

CVSS 5, AI score 7.6, EPSS 0.00179
Exploits: 0, References: 2, Affected Software: 1
seebug.org
added 2014/07/01 12:0 a.m., 9 views

Sambar Server 5.x results.stm Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6643/info Sambar Server does not adequately filter some HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will be...

AI score 7.1
Exploits: 0
securityvulns
added 2004/04/30 12:0 a.m., 90 views

Sambar security quest

This issue is old, originally discovered in January 2003, published by iDefense [1] and fixed by the vendor [2] in September 2003, but still interesting if you are tired of endless cross-site scripting, buffer overflows and SQL injections and would like to play a security game. Intro: Probably you heard about...

AI score 8.1
Exploits: 0
CVE
added 2001/11/22 5:0 a.m., 39 views

CVE-2001-0847

CVE-2001-0847 affects Lotus Domino Web Server 5.x. The vulnerability allows remote attackers to disclose sensitive information by accessing the default navigator $defaultNav, either by URL-encoding the request or by directly requesting the ReplicaID. The public records describe the affected compo...

CVSS 7.5, AI score 7, EPSS 0.00626
Exploits: 0, References: 3, Affected Software: 1