9 matches found

Positive Technologies
added 2026/05/11 12:0 a.m. · 6 views

PT-2026-39755

A security vulnerability has been detected in jishenghua jshERP up to 3.6. This affects the function getUserByWeixinCode of the file jshERP-boot/src/main/java/com/jsh/erp/service/UserService.java of the component updatePlatformConfigByKey Endpoint. Such manipulation of the argument weixinUrl lead...

CVSS 5.8 · AI score 5.5 · EPSS 0.00046
Exploits 0 · References 6

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-28077

Malicious code in bioql PyPI...

CVSS 6.8 · AI score 6.5 · EPSS 0.00168
Exploits 0 · References 1

RedhatCVE
added 2025/05/24 11:17 p.m. · 10 views

CVE-2025-4692

Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform privilege escalation by submitting the malicious JWT to a vulnerable method exposed on the cloud platform. If the exploit is successful, the user can escalate privileges to access any device managed by t...

CVSS 6.8 · AI score 7.4 · EPSS 0.00168
Exploits 0 · References 1

NVD
added 2025/05/23 12:15 a.m. · 10 views

CVE-2025-4692

Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform privilege escalation by submitting the malicious JWT to a vulnerable method exposed on the cloud platform. If the exploit is successful, the user can escalate privileges to access any device managed by t...

CVSS 6.8 · EPSS 0.00168
Exploits 0 · References 1

CVE
added 2025/05/22 11:12 p.m. · 56 views

CVE-2025-4692

CVE-2025-4692 : Affects ABUP Cloud Update Platform (IoT cloud platform). A maliciously crafted JSON Web Token (JWT) can be submitted to a vulnerable cloud method to perform privilege escalation, allowing access to any device managed by the platform. Root cause: JWT-based privilege escalation via ...

CVSS 6.8 · AI score 7 · EPSS 0.00168
Exploits 0 · References 1

Positive Technologies
added 2025/05/22 12:0 a.m. · 4 views

PT-2025-22569 · Unknown · Abup Cloud Update Platform

Name of the Vulnerable Software and Affected Versions: ABUP Cloud Update Platform (affected versions not specified). Description: The issue allows actors to perform privilege escalation by submitting a maliciously crafted JavaScript object notation (JSON) web token (JWT) to a vulnerable method exposed o...

CVSS 6.8 · AI score 6.6 · EPSS 0.00168
Exploits 0 · References 3

OSV
added 2024/09/16 9:0 a.m. · 21 views

RHSA-2022:8850 Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-ujson) security update

Bulletin has no description...

CVSS 7.5 · AI score 6.4 · EPSS 0.00173
Exploits 1 · References 13

Microsoft KB
added 2023/03/14 7:0 a.m. · 108 views

March 14, 2023—KB5023706 (OS Build 22621.1413)

March 14, 2023—KB5023706 (OS Build 22621.1413). For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note: Follow @WindowsUpdate to find out...

CVSS 9.8 · AI score 7.8 · EPSS 0.74637
Exploits 1

OSV
added 2019/12/04 5:16 p.m. · 0 views

CVE-2018-0728

This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommends updating QTS and Helpdesk to their latest versions...

CVSS 7.5 · AI score 5.8 · EPSS 0.00276
Exploits 0 · References 1