Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

CVE
CVEadded yesterday8 views

CVE-2026-47277 Runtipi: Unauthenticated arbitrary file read through app-store logo symlinks

Runtipi pre-4.10.0 is affected by an unauthenticated arbitrary file read through app-store logo symlinks. In versions 4.9.1–4.9.3, the public endpoint serves marketplace logos from files inside cloned app-store repositories; a logo symlink (e.g., metadata/logo.jpg) can cause the target file to be...

6.5CVSS5.4AI score0.00032EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/12/17 12:9 p.m.7 views

CVE-2025-13741

The Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getAuthors function in all versions up to, and including, 4.9.2. This makes it...

4.3CVSS5.1AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/12/22 12:0 a.m.6 views

Nextcloud Authorization Issues Vulnerability

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An authorization issue vulnerability exists in versions prior to Nextcloud 4.9.2, which stems from a 4-digit PIN that does not need to be provided to allow...

4.3CVSS6.7AI score0.00288EPSS
Exploits0References4
OSV
OSVadded 2023/10/19 6:15 a.m.2 views

CVE-2023-5212

The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 4.8.9 as well as version 4.9.2. This makes it possible for authenticated attackers with subscriber privileges to delete arbitrary files on the server, which makes it possible to take ove...

8.1CVSS5.9AI score0.01626EPSS
Exploits2References4
CNVD
CNVDadded 2018/02/07 12:0 a.m.9 views

WordPress Denial of Service Vulnerability (CNVD-2018-05439)

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WordPress 4.9.2 and earlier versions. An attacker can cause a denial of...

7.5CVSS6.7AI score0.73098EPSS
Exploits11References1
CNVD
CNVDadded 2017/09/14 12:0 a.m.2 views

Tcpdump HNCP Parser Buffer Overflow Vulnerability

Tcpdump is a set of sniffing tools developed by the Tcpdump team that run at the command line. The tools allow users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer.HNCP parser is one of the network control protocol parsers. A buffer...

9.8CVSS9.4AI score0.03241EPSS
Exploits0References1
Rows per page
Query Builder