Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Packet Storm
Packet Stormadded 2026/05/05 12:0 a.m.55 views

📄 SumatraPDF 3.5.2 Remote Code Execution

SumatraPDF versions 3.5.0 to 3.5.2 disable TLS hostname verification during update checks using INTERNETFLAGIGNORECERTCNINVALID and do not perform any signature or integrity validation on the downloaded installer. Exploit Title: SumatraPDF 3.5.2 - Remote Code Execution Date: 2026-02-10 Exploit...

7.5CVSS5.8AI score0.00445EPSS
Exploits4
Malwarebytes
Malwarebytesadded 2026/04/01 2:27 p.m.4 views

WhatsApp on Windows users targeted in new campaign, warns Microsoft

Microsoft researchers found a campaign that abuses WhatsApp attachments to sneak a script onto Windows machines which will lead to the attacker gaining remote control. WhatsApp offers a desktop application for Windows and macOS, which users can synchronize with their mobile devices. Desktop...

5.9AI score
Exploits0
CNNVD
CNNVDadded 2025/11/13 12:0 a.m.3 views

Zoom Workplace VDI Client 安全漏洞

Zoom Workplace VDI Client is a video conferencing software client for virtual desktop architecture environments from Zoom USA. A security vulnerability exists in Zoom Workplace VDI Client that stems from the installer not verifying cryptographic signatures, which could result in elevated privileg...

7.8CVSS6.8AI score0.00096EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/11/11 12:0 a.m.3 views

Zoom Workplace VDI Client < 6.3.14 Vulnerability (ZSB-25042)

The version of Zoom Workplace VDI Client installed on the remote host is prior to 6.3.14. It is, therefore, affected by a vulnerability as referenced in the ZSB-25042 advisory. - Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow ...

7.8CVSS5.9AI score0.00096EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2015-4693

Malware in sbrugna...

9.3CVSS6.4AI score0.01248EPSS
Exploits1References4
CNNVD
CNNVDadded 2024/08/06 12:0 a.m.2 views

Zscaler Client Connector 安全漏洞

Zscaler Client Connector is a lightweight agent from Zscaler, Inc. A security vulnerability exists in Zscaler Client Connector versions prior to 4.2, which originates from not verifying the digital signature of the installer, allowing arbitrary code to be executed locally...

7.8CVSS7.2AI score0.00126EPSS
Exploits0References2
OSV
OSVadded 2023/11/14 7:15 p.m.1 views

CVE-2023-20568

Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code execution...

6.7CVSS6AI score0.00158EPSS
Exploits0References2
NVD
NVDadded 2015/08/07 1:59 a.m.16 views

CVE-2015-4674

The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...

9.3CVSS7.4AI score0.01248EPSS
Exploits1References3
Cvelist
Cvelistadded 2015/08/07 1:0 a.m.20 views

CVE-2015-4674

The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...

7.4AI score0.01248EPSS
Exploits1References3
Rows per page
Query Builder