Tenable Nessus
added 2025/03/04 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2015-8845

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists...

5.5 CVSS · 6.3 AI score · 0.00062 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2025/03/04 12:0 a.m. · 12 views

Linux Distros Unpatched Vulnerability : CVE-2018-8043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allo...

5.5 CVSS · 6 AI score · 0.00081 EPSS
Exploits 0 · References 3

Tenable Nessus
added 2025/03/04 12:0 a.m. · 10 views

Linux Distros Unpatched Vulnerability : CVE-2018-11508

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via...

5.5 CVSS · 6.3 AI score · 0.01537 EPSS
Exploits 3 · References 2

Tenable Nessus
added 2025/03/04 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2015-1865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fts.c in coreutils 8.4 allows local users to delete arbitrary files. CVE-2015-1865 Note that Nessus relies on the presence of the package as reported by the...

5.1 CVSS · 5.5 AI score · 0.00076 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2025/03/04 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2017-18018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX -R -L options...

7.1 CVSS · 5.7 AI score · 0.00056 EPSS
Exploits 1 · References 4

Tenable Nessus
added 2025/03/04 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2013-2217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack o...

1.2 CVSS · 5.5 AI score · 0.00123 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2025/03/03 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2007-6761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigge...

7.8 CVSS · 6.8 AI score · 0.00105 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2025/03/03 12:0 a.m. · 9 views

Linux Distros Unpatched Vulnerability : CVE-2011-0543

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypas...

3.3 CVSS · 5.5 AI score · 0.00062 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2025/02/24 12:0 a.m. · 8 views

Siemens SCALANCE W700 Out-of-bounds Write (CVE-2023-2194)

An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace data->block[0] variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged...

6.7 CVSS · 6.9 AI score · 0.0002 EPSS
Exploits 0 · References 6

RedhatCVE
added 2025/02/14 5:23 a.m. · 10 views

CVE-2024-36079

An issue was discovered in Vaultize 21.07.27. When uploading files, there is no check that the filename parameter is correct. As a result, a temporary file will be created outside the specified directory when the file is downloaded. To exploit this, an authenticated user would upload a file with ...

6.5 CVSS · 6.7 AI score · 0.0046 EPSS
Exploits 0 · References 3

Positive Technologies
added 2025/02/12 12:0 a.m. · 3 views

PT-2025-6972 · Glpi +1

Name of the Vulnerable Software and Affected Versions: GLPI versions 0.72 through 10.0.17. Description: The issue allows an anonymous user to disable all active plugins. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where...

9.8 CVSS · 4.7 AI score · 0.28839 EPSS
Exploits 9 · References 77

Veracode
added 2025/02/09 5:58 a.m. · 5 views

Authentication Bypass

GitLab CE/EE is vulnerable to Authentication bypass. The vulnerability is due to an issue where an LDAP user can reset their password using their verified secondary email address, bypassing LDAP authentication. Attackers can exploit this to gain direct access to affected GitLab instances without...

5.3 CVSS · 6.9 AI score · 0.00007 EPSS
Exploits 0 · References 3 · Affected Software 1

RedhatCVE
added 2025/02/05 11:28 p.m. · 18 views

CVE-2022-23000

The Western Digital My Cloud Web App https://os5.mycloud.com/ uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an "SSL" context instead of "TLS" or specifying stronger validation,...

7.8 CVSS · 6.4 AI score · 0.00129 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/02/05 5:37 a.m. · 7 views

CVE-2024-1356

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system...

7.2 CVSS · 8.2 AI score · 0.00129 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/02/05 3:35 a.m. · 13 views

CVE-2024-45076

IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system...

9.9 CVSS · 7.1 AI score · 0.00192 EPSS
Exploits 0 · References 1

OSV
added 2025/01/27 5:12 p.m. · 15 views

CVE-2025-24367 Cacti allows Arbitrary File Creation leading to RCE

Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application, leading to remote code execution on the server. This vulnerability is fixed...

8.7 CVSS · 9.3 AI score · 0.87934 EPSS
Exploits 10 · References 5

AlpineLinux
added 2025/01/27 5:6 p.m. · 14 views

CVE-2025-22604

Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io or ss_net_snmp_disk_bytes, a part of each OID will be used as a key in an array that is...

9.1 CVSS · 6.9 AI score · 0.70074 EPSS
Exploits 1 · References 3

OSV
added 2025/01/16 5:19 p.m. · 21 views

GHSA-P9V8-Q5M4-PF46 CVE-2024-5138: snapd snapctl auth bypass

Impact: A snap with prior permissions to create a mount entry on the host, such as firefox, normally uses the permission from one of the per-snap hook programs. An unprivileged user cannot normally trigger that behaviour by using snap run --shell firefox followed by snapctl mount, since snapd...

4 CVSS · 8 AI score · 0.00614 EPSS
Exploits 1 · References 6

NVD
added 2025/01/15 5:15 p.m. · 7 views

CVE-2025-20088

Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post...

6.5 CVSS · 0.00342 EPSS
Exploits 0 · References 1

NVD
added 2025/01/15 5:15 p.m. · 8 views

CVE-2025-21083

Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post...

6.5 CVSS · 0.00461 EPSS
Exploits 0 · References 1