Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2026/05/29 12:9 p.m.8 views

EUVD-2026-33282

Incorrect permission settings on a critical resource in Suprema BioStar 2 versions 2.9.3 through 2.9.11 that allow backup files to be publicly exposed when the administrator configures their path within the NGINX webroot. This vulnerability allows an attacker with network access to directly...

10CVSS5.8AI score0.00341EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/25 5:7 p.m.20 views

CVE-2026-27496 n8n has In-Process Memory Disclosure in its Task Runner

n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data fro...

7.1CVSS0.00262EPSS
Exploits0References3
CVE
CVEadded 2026/02/25 10:19 p.m.32 views

CVE-2026-27577

CVE-2026-27577 concerns n8n’s expression evaluation in workflow parameters, enabling remote code execution when an authenticated user with workflow edit rights crafts expressions. The issue is the expression sandbox escape leading to unintended host command execution. Affected releases are before...

9.9CVSS5.8AI score0.1016EPSS
Exploits0References5Affected Software1
OSV
OSVadded 2024/08/01 9:15 p.m.3 views

CVE-2024-39621

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in CridioStudio ListingPro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.3...

7.2CVSS5.8AI score0.00521EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/08/01 12:0 a.m.5 views

PT-2024-28558 · Cridiostudio · Listingpro

Name of the Vulnerable Software and Affected Versions: ListingPro versions n/a through 2.9.3 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability, in CridioStudio ListingPro. This allows for PHP Local...

8CVSS6.8AI score0.00521EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2023/12/21 12:0 a.m.5 views

PT-2023-31660 · Unknown · Aerin Loan Repayment Calculator/Application Form

Name of the Vulnerable Software and Affected Versions: Aerin Loan Repayment Calculator and Application Form versions n/a through 2.9.3 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means tha...

5.9CVSS5.9AI score0.00335EPSS
Exploits0References5
CNNVD
CNNVDadded 2021/01/15 12:0 a.m.6 views

Wordpress Simple Board Job Plugin 路径遍历漏洞

Wordpress Simple Board Job Plugin is a plugin from the WordPress Wordpress Foundation that provides job posting functionality job boards for Wordpress. A security vulnerability exists in WordPress Simple Board Job plugin 2.9.3 and earlier versions, which stems from a path traversal vulnerability ...

7.7CVSS7.2AI score0.30479EPSS
Exploits7References8
CNVD
CNVDadded 2018/01/24 12:0 a.m.2 views

FasterXML jackson-databind Security Bypass Vulnerability

FasterXML Jackson is a U.S. FasterXML company for Java data processing tools . Jackson-databind is one of the components with data binding capabilities . A security bypass vulnerability exists in FasterXML jackson-databind versions 2.8.11 and earlier and versions 2.9.x through 2.9.3. An attacker...

8.1CVSS7.2AI score0.07008EPSS
Exploits0References1
Rows per page
Query Builder