9 matches found
EUVD-2025-32044
Malicious code in bioql PyPI...
CVE-2025-57729
In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start...
CVE-2023-23907
A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability...
PT-2023-23442 · Linksys · Linksys E2000
Name of the Vulnerable Software and Affected Versions: Linksys E2000 router version 1.0.06. Description: The issue is a command injection vulnerability. If an attacker gains web management privileges, they can inject commands into the POST request parameters wl ssid, wl ant, wl rate, WL atten ctl,...
CVE-2022-24171
Tenda routers G1 and G3 v15.11.0.179502CN were discovered to contain a command injection vulnerability in the function formSetPppoeServer. This vulnerability allows attackers to execute arbitrary commands via the pppoeServerIP, pppoeServerStartIP, and pppoeServerEndIP parameters...
CVE-2019-11808
Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK's ThreadLocalRandom. This means that if an attacker can determine a small window for the server start time and obtain a session ID value, they can theoretically determine the sequence of session IDs...
CVE-2019-11808
Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK's ThreadLocalRandom. This means that if an attacker can determine a small window for the server start time and obtain a session ID value, they can theoretically determine the sequence of session IDs...
QEMU - NBD Server Long Export Name Stack Buffer Overflow
Introduced in commit f37708f6b8 (2.10). The NBD spec says a client can request export names up to 4096 bytes in length, even though they should not expect success on names longer than 256. However, qemu hard-codes the limit of 256, and fails to filter out a client that probes for a longer name; the...
Low: Red Hat Security Advisory: gdm security and bug fix update
Updated gdm packages that fix a security issue and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. The GNOME Display Manager (GDM) is a configurable re-implementation of XDM, the X Display...