Lucene search

7 matches found

NVD
added 2026/03/10 8:16 p.m. | 2 views

CVE-2026-29173

Craft Commerce is an ecommerce platform for Craft CMS. Prior to 4.10.2 and 5.5.3, a stored XSS vulnerability exists when a user tries to update the Order Status from the Commerce Orders Table. The Order Status Name is rendered without proper escaping, allowing script execution to occur. This...

CVSS: 4.8 | EPSS: 0.00318
Exploits: 1 | References: 3
CNNVD
added 2026/01/08 12:00 a.m. | 5 views

Spree Security Vulnerability

Spree is an open source e-commerce platform built on Ruby on Rails for individual developers. A security vulnerability exists in Spree versions prior to 4.10.2, 5.0.7, 5.1.9, and 5.2.5, which stems from an insecure direct object reference by an authenticated user that could lead to obtaining other users'...

CVSS: 6.5 | AI score: 6.3 | EPSS: 0.00371
Exploits: 1 | References: 6
CNNVD
added 2025/05/13 12:00 a.m. | 2 views

Owl Admin Security Vulnerability

Owl Admin is a fast and flexible backend framework from Owl Admin. A security vulnerability exists in Owl Admin v3.2.2 through v4.10.2, which stems from an SQL injection in /admin-api/system/adminmenus/saveorder...

CVSS: 7.2 | AI score: 7.8 | EPSS: 0.00361
Exploits: 1 | References: 3
CNVD
added 2019/07/18 12:00 a.m. | 2 views

Cybozu Garoon Input Validation Error Vulnerability

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An input validation error vulnerability exists in Cybozu Garoon versions 4.0.0 through 4.10.2. The vulnerability...

CVSS: 4.9 | AI score: 6.9 | EPSS: 0.01161
Exploits: 0 | References: 1
CNVD
added 2019/07/18 12:00 a.m. | 2 views

Cybozu Garoon Portal Cross-Site Scripting Vulnerability

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A cross-site scripting vulnerability exists in the Portal application in Cybozu Garoon versions 4.6.0 through...

CVSS: 5.4 | AI score: 6.4 | EPSS: 0.0082
Exploits: 0 | References: 1
OSV
added 2019/04/09 4:29 p.m. | 4 views

ALPINE-CVE-2019-3880

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions...

CVSS: 5.4 | AI score: 6.5 | EPSS: 0.03392
Exploits: 0 | References: 1
RedHat Linux
added 2013/12/05 4:11 p.m. | 3 views

nspr: Avoid unsigned integer wrapping in PL_ArenaAllocate (MFSA 2013-103)

Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime NSPR before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service application crash o...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.03045
Exploits: 0 | References: 5