Apache Guacamole Detected

This is an informational notice that the scanner was able to detect an Apache Guacamole instance on the target server. Note that this detection is included in the Remote Access Tools category. No source data...

AirDroid Detected

This is an informational notice that the scanner was able to detect an AirDroid instance on the target server. Note that this detection is included in the Remote Access Tools category. No source data...

GitLab Public Projects Detected

This is an informational notice that the scanner was able to detect public projects on the target GitLab instance. No source data...

Docker Public Registry Detected

This is an informational notice that the scanner was able to detect a public Docker registry instance. No source data...

TSPlus Detected

This is an informational notice that the scanner was able to detect TSPlus on the target server. Note that this detection is included in the Remote Access Tools category. No source data...

LiteLLM Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible LiteLLM instance on the target application. LiteLLM is a LLM Gateway to provide model access in the OpenAI format. This detection is included in the AI and LLM category. No source data...

GitLab Public Sign-Up Detected

This is an informational notice that the scanner was able to detect a GitLab public sign-up page on the target instance. No source data...

CVE-2025-26933

creationtimestamp| type| source ---|---|--- 2025-03-10 19:02:43+00:00| seen| https://t.me/cvedetector/19973 2025-03-10 19:39:06+00:00| seen| Telegram/BX96YAefJMRUbHRZ14srqphm3-NXIczx1GAHlDlcGMeYEQs 2025-08-16 01:45:14+00:00| seen| MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0 2025-08-19 04:06:32+00:0...

Azure Entra ID Identity Provider Detected

This is an informational notice that the scanner was able to detect an application using Azure Entra ID. No source data...

REST API Detected

This is an informational notice that the scanner was able to detect a REST API. No source data...

Auth0 Identity Provider Detected

This is an informational notice that the scanner was able to detect an application using Auth0 Identity Provider. No source data...

CVE-2025-1776

creationtimestamp| type| source ---|---|--- 2025-02-28 14:27:21+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5904 2025-02-28 17:52:00+00:00| seen| https://t.me/cvedetector/19161 2025-03-02 11:44:23+00:00| seen| Telegram/6ARVCAVolEZ7RUDtB0fis-aGWaZXKyOqLVKvMERYz5HQ0T0q 2025-03-02...

Atlassian Jira Public Dashboard Detected

Atlassian Jira misconfiguration can allow a remote and unauthenticated attacker to enumerate a list of dashboards that may contain sensitive information. No source data...

CVE-2013-2120

creationtimestamp| type| source ---|---|--- 2025-02-06 03:13:41+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:15+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd...

CVE-2024-21525

All versions of the package node-twain are vulnerable to Improper Check or Handling of Exceptional Conditions due to the length of the source data not being checked. Creating a new twain.TwainSDK with a productName or productFamily, manufacturer, version.info property of length = 34 chars leads t...

LobeChat < 0.162.25 Sensitive Data Exposure

According to the self-reported version in its response header, the version of LobeChat hosted on the remote web server is prior to 0.162.25. It is, therefore, affected by a Sensitive Data Exposure through SSO/Access Code. Note that the scanner has not tested for these issues but has instead relie...

LobeChat Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible LobeChat instance on the target application. LobeChat is an open-source, AI chat framework that supports multi AI providers. This detection is included in the AI and LLM category. No source data...

Ollama Multiples Vulnerabilities

According to the self-reported version in its response header, the version of Ollama hosted on the remote is, affected by a Multiples Vulnerabilities : - File existence disclosure through the api. When calling the CreateModel route with a path parameter that does not exist - A Denial Of Service...

Ollama < 0.1.29 DNS Rebinding

According to the self-reported version in its response header, the version of Ollama hosted on the remote web server is 0.1.29. It is, therefore, affected by a DNS Rebinding. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported versi...

Atlassian BitBucket Public Repository Detected

Atlassian BitBucket source code repositories can be either private or public, thus allowing any anonymous unauthentivcated user to access the project and its content. When this feature is unexpectedly enabled on a private source code repository, a remote and unauthenticated attacker could access...