7 matches found
Craft CMS Security Vulnerability
Craft CMS is an open-source content management system developed by Craft CMS. Versions prior to Craft CMS 5.9.0-beta.1 and 4.17.0-beta.1 contained security vulnerabilities. These vulnerabilities stemmed from a lack of permission verification during repeated entry operations, which could allow...
CVE-2026-25161
CVE-2026-25161 affects Alist up to version 3.56.x, with a path traversal flaw in multiple file operation handlers. By injecting traversal sequences into filename components, an authenticated user can bypass directory-level authorisation and perform unauthorised removal, movement, or copying of fi...
CVE-2026-25059
OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, the application contains a path traversal vulnerability in multiple file operation handlers in server/handles/fsmanage.go. Filename components in req.Names are directly concatenated with validated directories using stdpath.Join. Thi...
CVE-2026-25059 OpenList affected by Path Traversal in file copy and remove handlers
OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, the application contains a path traversal vulnerability in multiple file operation handlers in server/handles/fsmanage.go. Filename components in req.Names are directly concatenated with validated directories using stdpath.Join. Thi...
WordPress plugin PDF for Contact Form 7 + Drag and Drop Template Builder Security Vulnerability
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPre...
Design/Logic Flaw
The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFAT USB flash drives, which makes it easier for local users to bypass intended access restrictions a...
CVE-2002-1017
The CVE-2002-1017 entry concerns Adobe eBook Reader 2.1 and 2.2. The vulnerability arises via the backup feature, which can capture the encryption Challenge and, using the appropriate hash function, generate the activation code to copy eBooks to other systems. Affected software is Adobe eBook Rea...