
9 matches found

RedhatCVE
added 2026/02/08 1:21 a.m. · 3 views

CVE-2026-25641

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, there is a sandbox escape vulnerability due to a mismatch between the key on which the validation is performed and the key used for accessing properties. Even though the key used in property accesses is annotated as string, this is...

CVSS 10 · AI score 5.4 · EPSS 0.00023
Exploits 1 · References 1
OSV
added 2026/02/06 7:50 p.m. · 3 views

CVE-2026-25641 SandboxJS has a sandbox escape via TOCTOU bug on keys in property accesses

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, there is a sandbox escape vulnerability due to a mismatch between the key on which the validation is performed and the key used for accessing properties. Even though the key used in property accesses is annotated as string, this is...

CVSS 10 · AI score 5.4 · EPSS 0.00023
Exploits 1 · References 5
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2021-33423

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.4 · EPSS 0.00107
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2023-30261

Malicious code in bioql PyPI...

CVSS 5.7 · AI score 5.8 · EPSS 0.00043
Exploits 0 · References 4
Veracode
added 2025/01/27 2:57 a.m. · 3 views

Remote Code Execution (RCE)

system.linq.dynamic.core is vulnerable to remote code execution (RCE). The vulnerability is due to insufficient input validation and improper access control when handling reflection types and static properties/fields in the System.Linq.Dynamic.Core library, which allows remote access without proper...

CVSS 6.4 · AI score 7.5 · EPSS 0.0016
Exploits 0 · References 6 · Affected Software 1
Cvelist
added 2024/01/10 10:3 p.m. · 13 views

CVE-2023-40383

A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data...

AI score 5.4 · EPSS 0.00051
Exploits 0 · References 1
Vulnrichment
added 2023/08/03 12:0 a.m. · 11 views

CVE-2023-36131

PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password parameter...

AI score 7.3 · EPSS 0.00131
Exploits 0 · References 2
Positive Technologies
added 2022/12/16 12:0 a.m. · 2 views

PT-2022-14789 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write due to improper input validation in the ppmp unprotect mfcfw buf function of drm fw.c. This could lead to local escalation of privilege in S-EL1 with System...

CVSS 6.7 · AI score 6.6 · EPSS 0.00016
Exploits 0 · References 3
Positive Technologies
added 2022/01/12 12:0 a.m. · 1 views

PT-2022-14822 · Jenkins · Jenkins Mailer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Mailer Plugin versions 391.ve4a 38c1b cf4b and earlier Jenkins Mailer Plugin prior to 408.vd726a 1130320 and 1.34.2 Description: A cross-site request forgery (CSRF) vulnerability in the Jenkins Mailer Plugin allows attackers to use the...

CVSS 4.3 · AI score 4.8 · EPSS 0.00181
Exploits 0 · References 11