7 matches found
CVE-2025-10991
CVE-2025-10991 affects TP-Link Tapo D230S1 (V1.20) prior to 1.2.2 Build 20250907. The issue enables a local attacker to obtain root access by connecting to the UART port, requiring physical access to the device. Impact is described as total on technical metrics, with high confidentiality,...
CVE-2025-10954
Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range"...
anything-llm input validation error vulnerability
anything-llm is an all-in-one desktop and Docker AI application open-sourced by Mintplex. An input validation error vulnerability exists in versions prior to anything-llm 1.2.2, which stems from the presence of Prisma injection in the API endpoint /embed/:embedId/stream-chat, which allows an...
WordPress plugin LetterPress security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
CVE-2023-0059 Youzify < 1.2.2 - Contributor+ Stored XSS
The Youzify WordPress plugin before 1.2.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0362
Themify Portfolio Post WordPress plugin before 1.2.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2022-1752
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2...