7 matches found

OSV
added 2025/08/19 12:15 p.m. · 4 views

CVE-2025-9136

A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestreamvscanf of the file libretro-common/streams/filestream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...

7.8 CVSS · 6.9 AI score
Exploits 0 · References 7

CNNVD
added 2025/08/14 12:0 a.m. · 1 views

WordPress plugin FoodMenu cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP. The platform supports setting up personal blog sites on servers with PHP and MySQL. A WordPress plugin is an application plugin. A cross-site scripti...

7.1 CVSS · 5.9 AI score · 0.00051 EPSS
Exploits 0 · References 1

Positive Technologies
added 2023/10/12 12:0 a.m. · 2 views

PT-2023-29403 · Otwthemes · Otwthemes Blog Manager Light

Name of the Vulnerable Software and Affected Versions: OTWthemes Blog Manager Light plugin versions = 1.20
Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is...

8.8 CVSS · 8.5 AI score · 0.00051 EPSS
Exploits 0 · References 4

Positive Technologies
added 2023/05/30 12:0 a.m. · 2 views

PT-2023-24241 · Mojang · Minecraft

Name of the Vulnerable Software and Affected Versions: Minecraft versions 1.19 through 1.20 pre-releases before 7 Java
Description: The issue allows for arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink.
Recommendations: For Minecraft versions...

8.8 CVSS · 7.3 AI score · 0.00915 EPSS
Exploits 0 · References 7

Positive Technologies
added 2022/06/22 12:0 a.m. · 2 views

PT-2022-22050 · Jenkins · Jenkins Nested View Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Nested View Plugin versions 1.20 through 1.25
Description: The issue is related to a reflected cross-site scripting (XSS) vulnerability. This occurs because the plugin does not escape search parameters. No information is provided about...

8.8 CVSS · 5.9 AI score · 0.14806 EPSS
Exploits 0 · References 6

Positive Technologies
added 2022/02/15 12:0 a.m. · 1 views

PT-2022-17147 · Jenkins · Jenkins Chef Sinatra Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Chef Sinatra Plugin versions 1.20 and earlier
Description: A missing permission check in the plugin allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an...

8.8 CVSS · 8.6 AI score · 0.00124 EPSS
Exploits 0 · References 8

Positive Technologies
added 2022/02/15 12:0 a.m. · 2 views

PT-2022-17148 · Jenkins · Jenkins Chef Sinatra Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Chef Sinatra Plugin versions 1.20 and earlier
Description: The issue arises from the plugin not configuring its XML parser to prevent XML external entity (XXE) attacks, allowing attackers to have Jenkins parse a crafted XML response for...

8.8 CVSS · 8.4 AI score · 0.0011 EPSS
Exploits 0 · References 6