7 matches found

Positive Technologies
added 2025/08/22 12:0 a.m. · 2 views

PT-2025-34457 · Reolink · Reolink Smart 2K+ Plug-In Wi-Fi Video Doorbell

Name of the Vulnerable Software and Affected Versions: Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime version 3.0.0.4662 2503122283. Description: The device suffers from an Insecure Direct Object Reference (IDOR) vulnerability. This allows unauthorized attackers to access Admin-only...

5.3 CVSS · 6.8 AI score · 0.00058 EPSS
Exploits 0 · References 5
CNNVD
added 2025/06/27 12:0 a.m. · 2 views

Nix, lix and GNU Guix Security Vulnerability

GNU Guix is a product of the U.S. GNU community; it is an open source, cross-platform package manager. lix is a product of the lix open source project; it is a package manager. nix is a product of the Nix open source project; it is a powerful package...

3.2 CVSS · 6.4 AI score · 0.0007 EPSS
Exploits 0 · References 6
Code423n4
added 2023/07/13 12:0 a.m. · 5 views

delegateTo Function of NounsDAOProxyV2 Contract can execute arbitrary code and modify the storage

Lines of code. Vulnerability details. Impact: The delegateTo function delegates execution to another contract using the delegatecall opcode without performing any input validation or checking the returned success flag. The problem is that the delegated contract can execute arbitrary code and modify the...

7.8 AI score
Exploits 0
AlpineLinux
added 2023/05/01 7:41 p.m. · 28 views

CVE-2023-2197

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be able to intercept or modify cipher text in orde...

2.5 CVSS · 3.4 AI score · 0.00013 EPSS
Exploits 0
Code423n4
added 2022/10/24 12:0 a.m. · 11 views

Duplicated / Split H -> H from 625 [1666621826143]

Judge has assessed an item in Issue 625 as High risk. The relevant finding follows: Lines of code Vulnerability details storage used in VoteEscrow, modifying data it shouldn't, and vice versa In both the functions delegate and removeDelegation and removeElement, a storage var is used, causing to...

7 AI score
Exploits 0
Code423n4
added 2022/08/06 12:0 a.m. · 7 views

Storage variable modifications when the contract is paused

Lines of code. Vulnerability details. Impact: The function addMember can be called to modify the storage variable community even if the contract is paused. function addMember(bytes calldata data, bytes calldata signature) external virtual override // Compute hash from bytes bytes32 hash =...

6.9 AI score
Exploits 0
Code423n4
added 2022/07/14 12:0 a.m. · 5 views

merkleRoot can be set by delegatecall(), violate setMerkelRoot()

Lines of code. Vulnerability details. Impact: When delegatecall to target, the context is on Caller contract, all state change logics reflect on Caller’s storage. If the Vault contract calls the malicious contract by function execute, the important storage variable merkleRoot can be modified. Accordi...

7 AI score
Exploits 0