
7 matches found

CNNVD
added 2025/11/18 12:0 a.m. | 1 views

Fortinet FortiClientWindows security vulnerability

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet, Inc. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exis...

7.8 CVSS | 7.5 AI score | 0.00018 EPSS
Exploits 0 | References 3
OSV
added 2024/02/13 6:34 p.m. | 30 views

GHSA-CMH9-RX85-XJ38 XSS sidekiq-unique-jobs UI server vulnerability

Summary Cross site scripting XSS potentially exposing cookies / sessions / localStorage, fixed by sidekiq-unique-jobs v8.0.7. Specifically, this is a Reflected Server-Side, Non-Self, Cross Site Scripting vulnerability, considered a P3 on the BugCrowd taxonomy with the following categorization:...

7.1 CVSS | 8 AI score | 0.00266 EPSS
Exploits 3 | References 6
OSV
added 2024/01/02 6:32 p.m. | 27 views

GO-2023-2385 Insufficient entropy in AES-256-CBC in github.com/pubnub/go

There is insufficient entropy in the implementation of the AES-256-CBC cryptographic algorithm. The provided encrypt functions are less secure when hex encoding and trimming are applied, leaving half of the bits in the key always the same for every encoded message or file. Users are encouraged to...

5.9 CVSS | 5.6 AI score | 0.00381 EPSS
Exploits 1 | References 2
OSV
added 2023/07/04 5:15 p.m. | 13 views

CVE-2023-31999

All versions of @fastify/oauth2 used a statically generated state parameter at startup time and were used across all requests for all users. The purpose of the Oauth2 state parameter is to prevent Cross-Site-Request-Forgery attacks. As such, it should be unique per user and should be connected to...

8.8 CVSS | 7.1 AI score
Exploits 0 | References 3
CVE
added 2021/01/20 12:43 a.m. | 56 views

CVE-2020-19363

Vtiger CRM v7.2.0 contains a directory traversal vulnerability due to improper access controls in /libraries and /layout. An unauthenticated attacker can display hidden files and list directories, enabling information disclosure. The Nuclei template confirms directory listing without authenticati...

6.5 CVSS | 6.4 AI score | 0.06148 EPSS
In wild | Exploits 1 | References 3 | Affected Software 1
exploitpack
added 2016/04/08 12:0 a.m. | 24 views

op5 7.1.9 - Remote Command Execution

op5 7.1.9 - Remote Command Execution + Credits: hyp3rlinx + Website: http://hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/OP5-REMOTE-CMD-EXECUTION.txt Vendor: ============ www.op5.com Product: =========== op5 v7.1.9 op5 Monitor is a software product for server,...

0.1 AI score
Exploits 0
0day.today
added 2016/02/11 12:0 a.m. | 30 views

File Replication Pro 7.2.0 - Multiple Vulnerabilities

Exploit for jsp platform in category remote exploits Title: File Replication Pro Remote Command Execution Vendor: File Replication Pro Vendor URL: http://www.filereplicationpro.com/ Versions affected: = Permalink: Summary: -------- File Replication Pro FRP is a file management solution that is us...

7.1 AI score
Exploits 0