Lucene search

7 matches found

Vulnrichment
added 2026/05/28 8:29 p.m. | 6 views

CVE-2026-42071 MantisBT: Private Bugnote Attachment Content Leak via REST API

Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 2.23.0 to 2.28.1, a missing authorization check in MantisBT's file visibility function allows any authenticated user (REPORTER+) to download attachments on private bugnotes they should not be able to access, via the REST API endpoint...

CVSS 7.2 | AI score 5.8 | EPSS 0.00046
Exploits: 0 | References: 5
SUSE CVE
added 2023/02/15 4:19 a.m. | 3 views

SUSE CVE-2019-2511

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via SOAP to compromise Oracle VM...

CVSS 7.5 | AI score 7.7 | EPSS 0.01525
Exploits: 0 | References: 6
OSV
added 2020/04/27 3:15 p.m. | 4 views

CVE-2020-12120

The Correos Express addon for PrestaShop 1.6 through 1.7 allows remote attackers to obtain sensitive information, such as a service's owner password that can be used to modify orders via SOAP. Attackers can also retrieve information about orders or buyers...

CVSS 7.5 | AI score 7.1 | EPSS 0.00561
Exploits: 1 | References: 2
CNVD
added 2015/06/23 12:0 a.m. | 2 views

PHP SOAP Access Remote Memory Corruption Vulnerability

PHP is a general-purpose scripting language. A security vulnerability in the unserialize function used in PHP's multiple SOAP accesses allows remote attackers to exploit the vulnerability by submitting a special request to obtain PHP application memory information or crash...

CVSS 10 | AI score 6.6 | EPSS 0.06568
Exploits: 5 | References: 1
CNVD
added 2015/06/23 12:0 a.m. | 3 views

Multiple Memory Corruption Vulnerabilities in PHP SOAP Access

PHP is a general-purpose scripting language. A security vulnerability in the unserialize function used in PHP's multiple SOAP accesses allows remote attackers to exploit the vulnerability by submitting a special request to obtain PHP application memory information or crash...

CVSS 10 | AI score 6.6 | EPSS 0.21375
Exploits: 4 | References: 1
RedHat Linux
added 2013/02/13 6:54 p.m. | 3 views

apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor

The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...

CVSS 5.8 | AI score 7.4 | EPSS 0.01785
Exploits: 0 | References: 4
RedHat Linux
added 2012/12/04 6:52 p.m. | 1 views

rhev: backend allows unprivileged queries

The backend in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1 does not properly check privileges, which allows remote authenticated users to query arbitrary information via a (1) SOAP or (2) GWT request...

CVSS 2.7 | AI score 6 | EPSS 0.00143
Exploits: 0 | References: 4