Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2026/05/21 3:32 p.m.12 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse [CVE-2026-25679]

Summary IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse, which may cause acceptance of some invalid URLs CVE-2026-25679. url.Parse is used in our speech utilities. This vulnerabilitiy has been addressed. Please read the details for remediation below...

7.5CVSS7.1AI score0.00044EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/03/24 2:10 p.m.7 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to handshake corruption due to the crypto/tls package (CVE-2025-68121)

Summary Crypto/tls is used as part of secure encryption by DataStage on Cloud Pak for Data. Vulnerability Details CVEID:CVE-2025-68121 DESCRIPTION: During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the...

10CVSS5.9AI score0.00012EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/03/10 7:7 a.m.15 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate with watsonx Assistant Cartridge version 5.3.1 Vulnerability Details CVEID:CVE-2025-58183 DESCRIPTION: tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A...

7.5CVSS5.7AI score0.00298EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVEadded 2026/01/09 9:26 a.m.3 views

CVE-2023-4482

The Auto Amazon Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the style parameter in versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access to inject...

6.4CVSS5AI score0.00129EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/05/08 2:8 a.m.4 views

WordPress Back In Stock Notifier for WooCommerce plugin <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin Back In Stock Notifier for WooCommerce versions = 5.3.1...

6.5CVSS7.1AI score0.01081EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2021/10/04 12:0 a.m.2 views

PT-2021-23276 · Poly · Poly Vvx 400/410

Name of the Vulnerable Software and Affected Versions: Poly VVX 400/410 versions 5.3.1 and earlier Description: The issue allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process. Recommendations: For Poly VVX 400/410 versions...

8.8CVSS8.5AI score0.00525EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2019/09/11 12:0 a.m.8 views

PT-2019-5223 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions 3.7 through 5.3.0 Description: The issue is related to the wp targeted link rel function in WordPress, which can be exploited to result in a stored cross-site scripting XSS vulnerability. This vulnerability can be used by a...

9.8CVSS6.4AI score0.81017EPSS
Exploits16References78
Rows per page
Query Builder