8 matches found
Timing Attack
Overview: h3 is a minimal HTTP framework built for high performance and portability. Affected versions of this package are vulnerable to a timing attack via the requireBasicAuth function. An attacker can recover valid authentication credentials by measuring response times and deducing password...
CVE-2024-42486 Cilium vulnerable to information leakage via incorrect ReferenceGrant update logic in Gateway API
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In versions on the 1.15.x branch prior to 1.15.8 and the 1.16.x branch prior to 1.16.1, ReferenceGrant changes are not correctly propagated in Cilium's GatewayAPI controller, which could lead to Gateway...
WordPress plugin Total Upkeep path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A path traversal...
CVE-2024-2877
Vault Enterprise, when configured with performance standby nodes and a configured audit device, will inadvertently log request headers on the standby node. These logs may have included sensitive HTTP request information in cleartext. This vulnerability, CVE-2024-2877, was fixed in Vault Enterpris...
PT-2024-22569 · Hashicorp · Vault Enterprise
Name of the Vulnerable Software and Affected Versions: Vault Enterprise versions prior to 1.15.8 Description: The issue arises when Vault Enterprise is configured with performance standby nodes and a configured audit device, causing it to inadvertently log request headers on the standby node. The...
HashiCorp Vault Enterprise security vulnerability
HashiCorp Vault Enterprise is an enterprise information archiving platform from HashiCorp USA. Captures information across all communication platforms - seamlessly migrating information from local to the cloud and automatically identifying the most relevant content to ensure regulatory compliance...
PT-2024-2946
Name of the Vulnerable Software and Affected Versions: Flatpak versions prior to 1.10.9; Flatpak versions prior to 1.12.9; Flatpak versions prior to 1.14.6; Flatpak versions prior to 1.15.8. Description: The issue is related to a sandbox escape vulnerability in Flatpak, which is a system for building,...
Schneider Electric C-Bus Toolkit access control error vulnerability
Schneider Electric C-Bus Toolkit is an application from Schneider Electric, France. It is used to run, configure and debug C-Bus installations on a personal computer. An Access Control Error vulnerability exists in C-Bus Toolkit version 1.15.8 and earlier, which stems from an incorrect...