9 matches found

Vulnrichment
added 2025/12/31 6:39 p.m. | 4 views

CVE-2025-34467 ZwiiCMS < 13.7.00 Lock Persistence Authenticated DoS Against Administrative Pages

ZwiiCMS versions prior to 13.7.00 contain a denial-of-service vulnerability in multiple administrative endpoints due to improper authorization checks combined with flawed resource state management. When an authenticated low-privilege user requests an administrative page, the application returns...

CVSS 5.3 | AI score 6.2 | EPSS 0.0019
Exploits 0 | References 3
Cvelist
added 2025/09/24 12:0 a.m. | 12 views

CVE-2025-57351

A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...

EPSS 0.004
Exploits 0 | References 2
CNNVD
added 2025/09/24 12:0 a.m. | 4 views

ts-fns Security Vulnerability

ts-fns is a Java library by the individual developer tangshuang. A security vulnerability exists in ts-fns versions prior to 13.0.7, which stems from insufficient validation of user-supplied keys by the assign function and could lead to a prototype pollution attack...

CVSS 6.5 | AI score 6.4 | EPSS 0.004
Exploits 0 | References 2
RedhatCVE
added 2025/05/22 11:25 p.m. | 6 views

CVE-2022-39875

Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout...

CVSS 5.1 | AI score 4.9 | EPSS 0.00151
Exploits 0 | References 1
Vulnrichment
added 2023/05/17 12:0 a.m. | 8 views

CVE-2023-27233

Piwigo before 13.6.0 was discovered to contain a SQL injection vulnerability via the order0dir parameter at userlistbackend.php...

AI score 8.2 | EPSS 0.00902
Exploits 1 | References 2
CNNVD
added 2023/02/22 12:0 a.m. | 4 views

Misskey Cross-Site Scripting Vulnerability

Misskey is a micro-blogging platform. A cross-site scripting vulnerability exists in Misskey versions prior to 13.3.1, which stems from insufficient validation of redirect URLs and can be exploited by an attacker to execute arbitrary JavaScript...

CVSS 7.1 | AI score 6.2 | EPSS 0.00445
Exploits 0 | References 3
CNVD
added 2020/09/30 12:0 a.m. | 2 views

GitLab Username Format Restriction Bypass Vulnerability

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. A vulnerability exists in GitLab versions prior to 13.1 that can be exploited to bypass the usernam...

CVSS 8.3 | AI score 6.8 | EPSS 0.01418
Exploits 1 | References 1
CNVD
added 2019/11/21 12:0 a.m. | 2 views

Cisco Email Security Appliance AsyncOS Software Input Validation Error Vulnerability

Cisco Email Security Appliance ESA is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system that runs on it. An input validation error vulnerability exists in the MP3 detection engine of AsyncOS Software prior to version 13.0 in the Cisco ESA, which stems fro...

CVSS 5.8 | AI score 6.8 | EPSS 0.00452
Exploits 0 | References 1
ATTACKERKB
added 2018/02/08 7:29 a.m. | 2 views

CVE-2018-0116

A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to be authorized as a subscriber without providing a valid password; however, the attacker must provide a valid username. The vulnerability is due to incorrect RADIUS user...

CVSS 7.2 | AI score 5.7 | EPSS 0.0108
Exploits 0 | References 3