Lucene search

17 matches found

OSV
added 2026/05/18 8:10 a.m. · 5 views

SUSE-SU-2026:1964-1 Security update for rmt-server

This update for rmt-server fixes the following issues: - CVE-2026-26961: rack: mismatch in header handling can allow to smuggle multipart content (bsc#1261398). - CVE-2026-26962: rack: improper unfolding of folded multipart headers can lead to header injection or response splitting (bsc#1261471). -...

CVSS 7.5 · AI score 5.8 · EPSS 0.00065
Exploits: 0 · References: 22

EUVD
added 2025/10/07 12:30 a.m. · 0 views

EUVD-2017-7122

Malware in sbrugna...

CVSS 5.9 · AI score 7.5 · EPSS 0.00231
Exploits: 0 · References: 6

EUVD
added 2025/10/03 8:07 p.m. · 0 views

EUVD-2022-32534

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 8.6 · EPSS 0.00152
Exploits: 1 · References: 6

Positive Technologies
added 2025/03/01 12:00 a.m. · 1 view

PT-2025-9149 · Woocommerce · Multilevel Referral Affiliate Plugin For Woocommerce

Name of the Vulnerable Software and Affected Versions: Multilevel Referral Affiliate Plugin for WooCommerce versions up to 2.27 Description: The issue allows authenticated attackers with Subscriber-level access and above to inject SQL queries, potentially extracting sensitive information from the...

CVSS 6.5 · AI score 9.2 · EPSS 0.00087
Exploits: 0 · References: 7

Positive Technologies
added 2024/12/01 12:00 a.m. · 2 views

PT-2024-35851 · Woocommerce · Multilevel Referral Affiliate Plugin For Woocommerce

Name of the Vulnerable Software and Affected Versions: Multilevel Referral Affiliate Plugin for WooCommerce versions n/a through 2.27 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows reflected XSS...

CVSS 7.1 · AI score 6.3 · EPSS 0.00156
Exploits: 0 · References: 8

Positive Technologies
added 2022/10/19 12:00 a.m. · 2 views

PT-2022-26892 · Jenkins · Jenkins Pipeline: Stage View Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Stage View Plugin versions 2.26 and earlier Description: The issue arises from the incorrect encoding of the ID of input steps when generating URLs to proceed or abort Pipeline builds, allowing attackers who can configure...

CVSS 8 · AI score 6.3 · EPSS 0.00016
Exploits: 0 · References: 7

OSV
added 2022/04/15 2:15 p.m. · 5 views

CVE-2022-28048

STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...

CVSS 8.8 · AI score 7
Exploits: 0 · References: 5

Positive Technologies
added 2022/02/17 12:00 a.m. · 2 views

PT-2022-7204 · Unknown +2 · Stb Image.H +2

Name of the Vulnerable Software and Affected Versions: stb_image.h version 2.27 Description: The issue is related to an integer overflow in the stbi__jpeg_decode_block_prog_dc function, which can be exploited by attackers to cause a Denial of Service (DoS) via unspecified vectors. This can allow a...

CVSS 8.8 · AI score 6.1 · EPSS 0.01147
Exploits: 5 · References: 65

Positive Technologies
added 2021/07/22 12:00 a.m. · 2 views

PT-2021-7967 · Unknown +2 · Stb Image.H +2

Name of the Vulnerable Software and Affected Versions: stb_image.h version 2.27 Description: The issue is related to a heap-based buffer overflow in the stbi__jpeg_load function of the stb_image.h library, which can lead to Information Disclosure or Denial of Service. This can be exploited by a...

CVSS 9.4 · AI score 6.4 · EPSS 0.01147
Exploits: 5 · References: 39

Broadcom
added 2019/04/01 12:00 a.m. · 6 views

BSA-2018-616

Security Advisory ID : BSA-2018-616 Component : bzip2recover Revision : 2.0 The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the operator. Affected Products Security update provided in Brocade Fabric OS...

CVSS 9.8 · AI score 9.6 · EPSS 0.00207
Exploits: 0

CNVD
added 2019/01/18 12:00 a.m. · 2 views

GL-AR300M-Lite Path Traversal Vulnerability

The GL-AR300M-Lite is a smart wireless router. A directory traversal vulnerability exists in GL-AR300M-Lite version 2.27. An attacker can exploit this vulnerability to have an indeterminate impact via a directory traversal sequence...

CVSS 8.8 · AI score 7 · EPSS 0.03836
Exploits: 4 · References: 1

CNVD
added 2019/01/18 12:00 a.m. · 4 views

GL-AR300M-Lite Arbitrary File Download Vulnerability

The GL-AR300M-Lite is a smart wireless router. An arbitrary file download vulnerability exists in GL-AR300M-Lite version 2.27, which can be exploited by attackers to download arbitrary files...

CVSS 6.5 · AI score 7 · EPSS 0.07156
Exploits: 4 · References: 1

exploitpack
added 2019/01/16 12:00 a.m. · 20 views

GL-AR300M-Lite 2.27 - (Authenticated) Command Injection Arbitrary File Download Directory Traversal

GL-AR300M-Lite 2.27 - Authenticated Command Injection Arbitrary File Download Directory Traversal Exploit Title: GL-AR300M-Lite Authenticated Command injection - Arbitrary file download - Directory Traversal Date: 15/1/2019 Exploit Author: Pasquale Turi aka boombyte Vendor Homepage:...

CVSS 6.5 · EPSS 0.07156
Exploits: 7

Exploit DB
added 2019/01/16 12:00 a.m. · 55 views

GL-AR300M-Lite 2.27 - (Authenticated) Command Injection / Arbitrary File Download / Directory Traversal

Exploit Title: GL-AR300M-Lite Authenticated Command injection - Arbitrary file download - Directory Traversal Date: 15/1/2019 Exploit Author: Pasquale Turi aka boombyte Vendor Homepage: https://www.gl-inet.com/ Software Link: https://www.gl-inet.com/products/gl-ar300m/ Version: Firmware version...

CVSS 8.8 · AI score 7 · EPSS 0.07156
Exploits: 7

OSV
added 2018/02/02 2:29 p.m. · 11 views

CVE-2017-14178

In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions...

CVSS 7.5 · AI score 7.9 · EPSS 0.01172
Exploits: 0 · References: 3

Packet Storm
added 2011/08/31 12:00 a.m. · 31 views

IBM Open Admin Tool 2.27 Cross Site Scripting

“XSS in IBM Open Admin Tool OAT2.27installwindows.exe” Product version tested : OAT v2.27 Vendor has been informed : July 27, 2010 They fix the vulnerability on : March 2011 Fixed version: OAT v2.72 Credit : sumit kumar soni [email protected] Product Link:...

AI score 7.4
Exploits: 0

RedHat Linux
added 2010/06/07 3:22 p.m. · 30 views

Moderate: Red Hat Security Advisory: perl security update

Updated perl packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

CVSS 8.5 · AI score 6 · EPSS 0.04483
Exploits: 3 · References: 4