Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/03/06 1:34 a.m.5 views

CVE-2026-26002

Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain susceptible...

9.8CVSS5.8AI score0.00533EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-23969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsin...

7.5CVSS6.8AI score0.47102EPSS
Exploits0References2
NVD
NVDadded 2025/08/13 4:16 a.m.4 views

CVE-2025-8891

The OceanWP theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.0.9 to 4.1.1. This is due to missing or incorrect nonce validation on the oceanwpnoticebuttonclick function. This makes it possible for unauthenticated attackers to install the Ocean Extra plugin via a forge...

4.3CVSS0.00191EPSS
Exploits1References3
CVE
CVEadded 2025/08/13 3:42 a.m.18 views

CVE-2025-8891

CVE-2025-8891 relates to the OceanWP WordPress theme. The affected versions are 4.0.9 through 4.1.1, where a Cross-Site Request Forgery can be exploited due to missing/incorrect nonce validation in the oceanwp_notice_button_click() function. This enables unauthenticated attackers to cause the ins...

4.3CVSS6.7AI score0.00191EPSS
Exploits1References3Affected Software1
Patchstack
Patchstackadded 2025/08/12 12:0 a.m.4 views

WordPress OceanWP Theme 4.0.9 - 4.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software OceanWP Type Theme Vulnerable versions 4.0.9 - 4.1.1 Fixed in 4.1.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2025-8891 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1d569e8bf081 Credits Dmitrii Ignatyev Requir...

4.3CVSS7AI score0.00191EPSS
Exploits1References2Affected Software1
Patchstack
Patchstackadded 2025/06/19 8:0 a.m.5 views

WordPress OceanWP plugin <= 4.0.9 - Stored Cross-Site Scripting via Select HTML Tag vulnerability

Stored Cross-Site Scripting via Select HTML Tag vulnerability discovered by Asaf Mozes in WordPress Theme OceanWP versions = 4.0.9...

4.9CVSS5.7AI score0.00205EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2020/05/13 12:0 a.m.4 views

PT-2020-10890 · Mongodb · Mongodb Ops Manager

Name of the Vulnerable Software and Affected Versions: MongoDB Ops Manager versions 4.0.9 through 4.0.10 MongoDB Ops Manager version 4.1.5 Description: The issue affects MongoDB Ops Manager, where an exposed http route may allow attackers to view a specific access log of a publicly exposed Ops...

5.8CVSS5.2AI score0.00999EPSS
Exploits0References5
Rows per page
Query Builder