8 matches found
CVE-2026-41901
Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf. Although the library provides mechanisms to avoid the execution of potentially dangerous...
CVE-2026-31797 iccDEV has a heap out-of-bounds read in CTiffImg::ReadLine()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CTiffImg::ReadLine when iccApplyProfiles processes a crafted TIFF image, causing memory disclosure or crash. This vulnerability is fixed in 2.3.1.5...
PT-2026-24353
Name of the Vulnerable Software and Affected Versions: iccDEV versions prior to 2.3.1.5. Description: iccDEV is a set of libraries and tools for working with ICC color management profiles. A heap out-of-bounds read exists in the CIccCalculatorFunc::ApplySequence function, which can cause an...
CVE-2026-24961 WordPress Grand Blog theme < 3.1.5 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods Grand Blog grandblog allows Server Side Request Forgery. This issue affects Grand Blog: from n/a through 3.1.5...
CVE-2025-59559
Missing Authorization vulnerability in payrexx Payrexx Payment Gateway for WooCommerce woo-payrexx-gateway allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Payrexx Payment Gateway for WooCommerce: from n/a through = 3.1.5...
RHEL 8 : yelp and yelp-xsl (RHSA-2025:7569)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7569 advisory. Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including...
Drupal Stage File Proxy security vulnerability
Drupal Stage File Proxy is a Drupal module for the Drupal community. A security vulnerability exists in Drupal Stage File Proxy versions prior to 3.1.5, which stems from an unrestricted resource allocation and could lead to a flood attack...
GHSA-933G-V89R-X8PF Apache Dubbo vulnerable to Deserialization of Untrusted Data
A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions...