7 matches found

Cvelist
added 2024/04/10 12:7 p.m. · 24 views

CVE-2024-31309 Apache Traffic Server: HTTP/2 CONTINUATION frames can be utilized for DoS attack

An HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Versions from 8.0.0 through 8.1.9 and from 9.0.0 through 9.2.3 are affected. Users can set a new setting, proxy.config.http2.max_continuation_frames_per_minute, to limit the number of CONTINUATION frames...

AI score: 7.6 · EPSS: 0.10847
Exploits: 1 · References: 7
Positive Technologies
added 2024/03/15 12:0 a.m. · 3 views

PT-2024-20408 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 8.1.x through 8.1.9; Mattermost versions 9.2.x through 9.2.5; Mattermost versions 9.3.x through 9.3.1; Mattermost versions 9.4.x through 9.4.2. Description: The issue allows an authenticated attacker to crash the client...

CVSS: 4.3 · AI score: 7.1 · EPSS: 0.00132
Exploits: 0 · References: 8
Prion
added 2024/02/29 11:15 a.m. · 11 views

Code injection

Mattermost version 8.1.x before 8.1.9 fails to sanitize data associated with permalinks when a plugin updates an ephemeral post, allowing an authenticated attacker who can control the ephemeral post update to access individual posts' contents in channels they are not a member of...

CVSS: 2.1 · AI score: 7.1 · EPSS: 0.00263
Exploits: 0 · References: 1
Vulnrichment
added 2023/10/17 6:57 a.m. · 24 views

CVE-2023-41752 Apache Traffic Server: s3_auth plugin problem with hash calculation

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue...

AI score: 7.5 · EPSS: 0.00347
Exploits: 0 · References: 6
WPVulnDB
added 2023/01/17 12:0 a.m. · 20 views

teachPress < 8.1.9 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the tab parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS: 7.1 · AI score: 5.7 · EPSS: 0.00287
Exploits: 0 · Affected Software: 1
ICS
added 2022/07/26 12:0 a.m. · 88 views

Inductive Automation Ignition

1. EXECUTIVE SUMMARY
CVSS v3 8.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Inductive Automation
Equipment: Ignition
Vulnerability: Improper Restriction of XML External Entity Reference
2. UPDATE INFORMATION
This updated advisory is a follow-up to the advisory update titled...

CVSS: 9.8 · AI score: 9.6 · EPSS: 0.00277
Exploits: 0 · References: 5
CNVD
added 2019/08/26 12:0 a.m. · 1 views

Palo Alto Networks PAN-OS Memory Corruption Vulnerability

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall appliances. A memory corruption vulnerability exists in Palo Alto Networks PAN-OS versions 8.1.9 and earlier and 9.0.3 and earlier. An attacker can exploit this vulnerability to corrupt arbitrary...

CVSS: 7.2 · AI score: 7.1 · EPSS: 0.00542
Exploits: 0 · References: 1