Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2026/04/29 8:33 p.m.5 views

GHSA-MPFM-FPGX-647Q CKAN has no certificate validation on STMP connection

Impact Configured SMTP server may be spoofed with any certificate e.g. self-signed, leaving credentials and all emails sent open to MITM attacks. Patches The vulnerability has been patched in CKAN 2.10.10 and CKAN 2.11.5...

8.7CVSS5.7AI score0.00009EPSS
Exploits0References5
OSV
OSVadded 2025/03/26 5:15 p.m.2 views

DEBIAN-CVE-2025-30164

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an attacker to craft a URL that, once visited by an authenticated user or one that is able to authenticate, allows to...

6.1CVSS5.3AI score0.00178EPSS
Exploits0References1
OSV
OSVadded 2025/03/26 3:16 p.m.2 views

DEBIAN-CVE-2025-27404

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of tha...

6.1CVSS5.7AI score0.00107EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/03/26 12:0 a.m.3 views

Icinga Web 2 跨站脚本漏洞

Icinga Web 2 is an open source monitoring and metrics solution from Icinga Open Source. A cross-site scripting vulnerability exists in Icinga Web 2 versions prior to 2.11.5 and prior to 2.12.13, which stems from embeddable arbitrary Javascript that could lead to user identity impersonation...

7.6CVSS5.8AI score0.00198EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/03/26 12:0 a.m.3 views

PT-2025-12974 · Icinga +1 · Icinga Web 2 +1

Name of the Vulnerable Software and Affected Versions: Icinga Web 2 versions prior to 2.11.5 Icinga Web 2 versions prior to 2.12.13 Description: A vulnerability in Icinga Web 2 allows an attacker to craft a request that embeds arbitrary Javascript into the interface, enabling them to act on behal...

7.6CVSS6.2AI score0.00363EPSS
Exploits0References21
OSV
OSVadded 2024/01/19 8:15 p.m.1 views

DEBIAN-CVE-2024-22211

FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in freerdpbitmapplanarcontextreset leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are not affected. A...

9.8CVSS7.1AI score0.00868EPSS
Exploits1References1
CNNVD
CNNVDadded 2023/06/30 12:0 a.m.1 views

Joplin 跨站脚本漏洞

Joplin is an open source notes and to-do list application. A security vulnerability exists in Joplin versions prior to 2.11.5, which stems from a cross-site scripting XSS attack via image-mapped AREA elements...

6.1CVSS5.8AI score0.00352EPSS
Exploits0References4
Rows per page
Query Builder