
6 matches found

Cvelist
added 2026/03/11 7:55 p.m. · 24 views

CVE-2026-32097 PingPong has improper access control in thread file endpoints allows access outside intended scope

PingPong is a platform for using large language models (LLMs) for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploade...

CVSS 8.6 · EPSS 0.00096
Exploits: 0 · References: 1

Positive Technologies
added 2025/08/19 12:0 a.m. · 4 views

PT-2025-33746 · Hustoj · Hustoj

Name of the Vulnerable Software and Affected Versions: Hustoj version 2025-01-31
Description: The software contains a cross-site scripting (XSS) issue in the thread.php file through the TID parameter.
Recommendations: As a mitigation, sanitize the TID parameter in the thread.php file...

CVSS 6.1 · AI score 6.2 · EPSS 0.00059
Exploits: 1 · References: 5

CVE
added 2025/08/19 12:0 a.m. · 9 views

CVE-2025-50938

CVE-2025-50938 is a cross-site scripting (XSS) vulnerability in Hustoj detected on 2025-01-31, exploitable via the TID parameter in the file thread.php. The issue arises from unsanitized input in the TID parameter, enabling an attacker to inject malicious scripts. According to the CVE metadata, t...

CVSS 6.1 · AI score 6 · EPSS 0.00059
Exploits: 1 · References: 2 · Affected Software: 1

NVD
added 2024/12/27 2:15 p.m. · 6 views

CVE-2024-53173

In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open. Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs_release_seqid() in...

CVSS 7.8 · EPSS 0.00011
Exploits: 0 · References: 11

Positive Technologies
added 2019/10/22 12:0 a.m. · 2 views

PT-2019-14891 · Fusionpbx · Fusionpbx

Name of the Vulnerable Software and Affected Versions: FusionPBX versions up to 4.5.7
Description: The issue concerns the use of an unsanitized contact uuid variable in the file appmessagesmessages thread.php, which is reflected in HTML on three occasions, leading to a cross-site scripting (XSS)...

CVSS 6.1 · AI score 6 · EPSS 0.00328
Exploits: 0 · References: 5

CNVD
added 2018/02/24 12:0 a.m. · 2 views

Wireshark epan/dissectors/packet-thread.c file denial of service vulnerability

Wireshark (formerly known as Ethereal) is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in the epan/dissectors/packet-thread.c file in Wireshark...

CVSS 7.5 · AI score 6.7 · EPSS 0.00467
Exploits: 0 · References: 1