
7 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 2 views

Astra Linux - vulnerability in node-tar

The npm package “tar” also known as node-tar in versions prior to 4.4.16, 5.0.8, and 6.1.7 has vulnerabilities related to arbitrary file creation/overwriting and arbitrary code execution. node-tar aims to ensure that any file whose location would be modified by a symbolic link is not extracted...

CVSS 8.6, AI score 7, EPSS 0.00098
Exploits 0, References 2
EUVD
added 2026/04/23 6:55 p.m., 2 views

EUVD-2026-25282

Mastodon is a free, open-source social network server based on ActivityPub. Prior to v4.5.9, v4.4.16, and v4.3.22, Mastodon allows restricting new user sign-up based on e-mail domain names, and performs basic validation on e-mail addresses, but fails to restrict characters that are interpreted...

CVSS 8.2, AI score 5.8, EPSS 0.00056
Exploits 0, References 1
Positive Technologies
added 2026/04/23 12:0 a.m., 0 views

PT-2026-34728

Name of the Vulnerable Software and Affected Versions: Mastodon versions prior to 4.5.9; Mastodon versions prior to 4.4.16; Mastodon versions prior to 4.3.22. Description: Mastodon allows restricting new user sign-up based on e-mail domain names and performs basic validation on e-mail addresses, but i...

CVSS 8.2, AI score 5.2, EPSS 0.00056
Exploits 0, References 4
CNNVD
added 2026/04/23 12:0 a.m., 4 views

Mastodon security vulnerability

Mastodon is an open-source social networking server based on ActivityPub. Versions of Mastodon prior to 4.5.9, 4.4.16, and 4.3.22 contained security vulnerabilities due to a lack of mechanisms to prevent certain email servers from interpreting characters differently...

CVSS 8.2, AI score 5.8, EPSS 0.00056
Exploits 0, References 1
RedhatCVE
added 2025/05/23 9:44 a.m., 4 views

CVE-2024-21622

Craft is a content management system. This is a potential moderate impact, low complexity privilege escalation vulnerability in Craft starting in 3.x prior to 3.9.6 and 4.x prior to 4.4.16 with certain user permissions setups. This has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensu...

CVSS 8.8, AI score 6.9, EPSS 0.00103
Exploits 0, References 1
OSV
added 2024/01/03 4:51 p.m., 24 views

CVE-2024-21622 Craft CMS Privilege Escalation

Craft is a content management system. This is a potential moderate impact, low complexity privilege escalation vulnerability in Craft starting in 3.x prior to 3.9.6 and 4.x prior to 4.4.16 with certain user permissions setups. This has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensu...

CVSS 5.4, AI score 8.4, EPSS 0.00103
Exploits 0, References 9
Positive Technologies
added 2024/01/03 12:0 a.m., 1 views

PT-2024-18974 · Craft · Craft

Name of the Vulnerable Software and Affected Versions: Craft versions 3.x prior to 3.9.6; Craft versions 4.x prior to 4.4.16. Description: This is a potential moderate impact, low complexity privilege escalation issue in Craft with certain user permissions setups. The issue has been fixed in Craft...

CVSS 8.8, AI score 8.7, EPSS 0.00103
Exploits 0, References 16