Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Veracode
Veracodeadded 2026/01/09 5:22 a.m.2 views

Improper Access Control

craftcms/cms is vulnerable to Improper Access Control. The vulnerability is due to missing authentication checks on certain administrative actions, which allows an unauthenticated attacker to trigger database backup operations and potentially cause resource exhaustion or information disclosure...

9.1CVSS7.1AI score0.00214EPSS
Exploits1References5Affected Software1
EUVD
EUVDadded 2026/01/05 10:3 p.m.2 views

EUVD-2026-0825

Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 3.0.0 through 4.16.16, unauthenticated users can trigger database backup operations via specific admin actions, potentially leading to resource exhaustion or information disclosure. Users should update ...

8.3CVSS6.2AI score0.00214EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/11/14 10:49 p.m.7 views

CVE-2016-15056 Ubee EVW3226 Unauthenticated Backup File Disclosure

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

8.7CVSS0.00501EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2025/11/14 10:49 p.m.5 views

CVE-2016-15056 Ubee EVW3226 Unauthenticated Backup File Disclosure

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

8.7CVSS6.2AI score0.00501EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2025/11/14 12:0 a.m.3 views

PT-2025-47019

Name of the Vulnerable Software and Affected Versions PLANEX CS-QP50F-ING2 smart cameras affected versions not specified Description The PLANEX CS-QP50F-ING2 smart cameras have a configuration backup interface accessible over HTTP without authentication. An unauthenticated remote attacker can...

8.7CVSS6.6AI score0.00333EPSS
Exploits0References7
CERT
CERTadded 2025/08/19 12:0 a.m.10 views

Workhorse Software Services, Inc. software prior to version 1.9.4.48019, default deployment is vulnerable to multiple issues.

Overview Workhorse Software Services, Inc municipal accounting software prior to version 1.9.4.48019 contains design flaws that could allow unauthorized access to sensitive data and facilitate data exfiltration. Specifically, database connection information is stored in plaintext alongside the...

7.4AI score
Exploits0
CNNVD
CNNVDadded 2021/04/29 12:0 a.m.1 views

Smartwares Home Easy 访问控制错误漏洞

Smartwares Home Easy is an application from Smartwares USA. Comfortably control home devices from your iPhone or Android smartphone using a remote outlet An access control error vulnerability exists in Smartwares HOME easy version 1.0.9 and prior versions, which stems from susceptibility to...

7.5CVSS7.4AI score0.01224EPSS
Exploits2References4
Rows per page
Query Builder