11 matches found

RedhatCVE
added 2026/01/09 8:37 a.m., 8 views

CVE-2019-20520

ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the api/method/ URI...

CVSS 7.4, AI score 5.7, EPSS 0.00786
Exploits: 1, References: 1
OSV
added 2025/10/17 5:15 a.m., 3 views

CVE-2025-11849

Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth before 1.11.0; versions of the package org.zwobble.mammoth:mammoth before 1.11.0 are vulnerable to Directory Traversal due to the lack of...

CVSS 6.4, AI score 6.8
Exploits: 0, References: 6
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-24635

Malware in sbrugna...

CVSS 5.3, AI score 5.5, EPSS 0.04455
Exploits: 0, References: 19
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2014-5026

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.0234
Exploits: 0, References: 5
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-1644

Malware in sbrugna...

CVSS 6.5, AI score 6.5, EPSS 0.0133
Exploits: 0, References: 4
RedhatCVE
added 2025/07/30 8:40 p.m., 12 views

CVE-2025-54428

RevelaCode is an AI-powered faith-tech project that decodes biblical verses, prophecies and global events into accessible language. In versions below 1.0.1, a valid MongoDB Atlas URI with embedded username and password was accidentally committed to the public repository. This could allow...

CVSS 9.8, AI score 7.3, EPSS 0.00445
Exploits: 0, References: 1
Snyk
added 2025/05/06 4:51 p.m., 2 views

Insufficient Session Expiration

Overview: Affected versions of this package are vulnerable to Insufficient Session Expiration through the Session API. An attacker can authenticate on behalf of the user by repeatedly using idp intents to retrieve the id and token from the application's URI. Remediation: Upgrade...

CVSS 8, AI score 7, EPSS 0.00388
Exploits: 0, References: 2
CNVD
added 2025/03/27 12:0 a.m., 2 views

Apache Commons VFS Information Disclosure Vulnerability

Apache Commons VFS is a public virtual file system from the Apache USA Foundation. Apache Commons VFS prior to version 2.10.0 suffers from an information disclosure vulnerability that stems from the FtpFileObject class that may disclose the original URI containing the password if the file is not...

CVSS 5, AI score 6.5, EPSS 0.00723
Exploits: 0, References: 1
RedhatCVE
added 2025/03/23 8:18 p.m., 16 views

CVE-2025-30474

A flaw was found in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing the original URI in its message, which may include a password...

CVSS 7.5, AI score 6.4, EPSS 0.00723
Exploits: 0, References: 5
RedHat Linux
added 2023/02/20 12:21 p.m., 2 views

Mozilla: Content security policy leak in violation reports using iframes

The Mozilla Foundation Security Advisory describes this flaw as: The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect...

CVSS 6.5, AI score 7.3, EPSS 0.00672
Exploits: 0, References: 6
Cvelist
added 2021/10/28 3:21 p.m., 14 views

CVE-2021-22047

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for...

AI score 5.6, EPSS 0.00746
Exploits: 0, References: 1