
61 matches found

Snyk
added 2026/04/10 4:09 p.m., views: 1

Use of Less Trusted Source

Overview: Affected versions of this package are vulnerable to Use of Less Trusted Source via the nspawn process. An attacker can gain unauthorized access to the host system by supplying a crafted optional configuration file. Remediation: A fix was pushed into the master branch but not yet published...

CVSS 7.1, AI score 5.8, EPSS 0.0001
Exploits: 0, References: 2
CVE
added 2025/12/28 9:02 p.m., views: 6

CVE-2025-15154

CVE-2025-15154 affects PbootCMS (up to 3.2.12). The vulnerable component is Header Handler, function get_user_ip in core/function/handle.php, where manipulation of X-Forwarded-For causes the system to use a less trusted source. Attacks can be remote and public exploits are disclosed. Remediation:...

CVSS 6.9, AI score 6.5, EPSS 0.0004
Exploits: 1, References: 4, Affected Software: 1
EUVD
added 2025/10/03 8:07 p.m., views: 1

EUVD-2025-28529

Malicious code in bioql PyPI...

CVSS 6.9, AI score 5.5, EPSS 0.00038
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:07 p.m., views: 1

EUVD-2022-47531

Malicious code in bioql PyPI...

CVSS 5.3, AI score 6.6, EPSS 0.00087
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:07 p.m., views: 2

EUVD-2024-3518

Malicious code in bioql PyPI...

CVSS 8.6, AI score 8.4, EPSS 0.00153
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:07 p.m., views: 1

EUVD-2021-28833

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.6, EPSS 0.00794
Exploits: 0, References: 3
Japan Vulnerability Notes
added 2025/09/08 4:42 a.m., views: 3

RICOH Streamline NX vulnerable to tampering with operation history

Overview: RICOH Streamline NX provided by Ricoh Company, Ltd. contains the following vulnerability: Use of Less Trusted Source (CWE-348), CVE-2025-58422. Ricoh Company, Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Ricoh Company, Ltd. coordinated...

CVSS 3.1, AI score 4, EPSS 0.00031
Exploits: 0, References: 4
Japan Vulnerability Notes
added 2025/08/20 6:30 a.m., views: 3

Multiple vulnerabilities in Movable Type

Overview: Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below: Use of less trusted source (CWE-348), CVE-2025-53522; Open redirect (CWE-601), CVE-2025-55706. Six Apart Ltd. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN...

CVSS 6.9, AI score 7.4, EPSS 0.00046
Exploits: 0, References: 6
CVE
added 2025/08/20 4:22 a.m., views: 12

CVE-2025-53522

CVE-2025-53522 affects Movable Type and related editions, caused by use of a less trusted source (CWE-348). A remote unauthenticated attacker could trigger a tampered password-reset email. Documented impact: password reset email may be forged by exploiting the trusted source weakness. Public disc...

CVSS 6.9, AI score 7.5, EPSS 0.00038
Exploits: 0, References: 2
Japan Vulnerability Notes
added 2025/08/20 12:00 a.m., views: 4

JVN#76729865: Multiple vulnerabilities in Movable Type

Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below.
Use of less trusted source (CWE-348)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 6.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score 5.3
CVE-2025-53522
Open...

CVSS 6.9, AI score 7.8, EPSS 0.00046
Exploits: 0
RedhatCVE
added 2025/05/22 9:22 p.m., views: 7

CVE-2021-41832

It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory...

CVSS 7.5, AI score 6.8, EPSS 0.00794
Exploits: 0
UbuntuCve
added 2025/05/07 9:16 p.m., views: 6

CVE-2025-31177

gnuplot is affected by a heap buffer overflow at function utf8copyone...

CVSS 5.5, AI score 6.7, EPSS 0.00167
Exploits: 0, References: 3
Circl
added 2025/03/12 3:40 p.m., views: 4

CVE-2025-0813

creationtimestamp | type | source
---|---|---
2025-03-12 15:40:50+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7322
2025-03-18 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-077-01...

CVSS 7, AI score 4.8, EPSS 0.0001
Exploits: 0, References: 2
RedhatCVE
added 2025/02/06 3:58 a.m., views: 7

CVE-2021-39174

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges User or Admin, can leak the value of any configuration entry of the dotenv file, e.g. the application secret APPKEY and various passwords email, database, etc. This issue was...

CVSS 8.8, AI score 6.4, EPSS 0.5172
Exploits: 2, References: 1
RedhatCVE
added 2025/02/06 3:54 a.m., views: 10

CVE-2021-39173

Cachet is an open source status page system. Prior to version 2.5.1 authenticated users, regardless of their privileges User or Admin, can trick Cachet and install the instance again, leading to arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving the...

CVSS 8.8, AI score 7.3, EPSS 0.037
Exploits: 1, References: 1
RedhatCVE
added 2025/02/05 7:36 p.m., views: 5

CVE-2022-39246

matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others...

CVSS 7.5, AI score 6.6, EPSS 0.00321
Exploits: 0, References: 1
RedhatCVE
added 2024/12/13 5:51 p.m., views: 9

CVE-2024-55887

A flaw was found in the ucum-java library for FHIR. XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where ucum is being use...

CVSS 8.6, AI score 8.4, EPSS 0.00153
Exploits: 0, References: 4
Vulnrichment
added 2024/12/13 4:08 p.m., views: 11

CVE-2024-55887 Ucum-java has an XXE vulnerability in XML parsing

Ucum-java is a FHIR Java library providing UCUM Services. In versions prior to 1.0.9, XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts...

CVSS 8.6, AI score 6.8, EPSS 0.00153
Exploits: 0, References: 1
Brave Browser
added 2024/08/22 7:04 a.m., views: 8

Brave Desktop 1.69.153 Security Fixes

- Implemented process hardening for the Brave VPN services on Windows.
- Implemented a trusted source check for "Elevator::InstallVPNServices".
- Updated code to use JSON serialization to escape all unsafe symbols in SpeedReader.
- Limited extension features to allow listed extensions.
Upgraded...

AI score 5.9
Exploits: 0, References: 5, Affected Software: 1
NVD
added 2024/06/21 4:15 p.m., views: 11

CVE-2022-44593

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS. This issue affects Solid Security: from n/a through 9.3.1...

CVSS 5.3, EPSS 0.00087
Exploits: 0, References: 1