Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2026/04/03 3:30 p.m.3 views

GHSA-VPH7-R229-QXPF Focalboard doesn't validate file ownership when serving uploaded files

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who knows a victim's fileID to read the content of the file. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued...

4.3CVSS5.9AI score0.00221EPSS
Exploits0References2
OSV
OSVadded 2019/05/13 2:29 p.m.1 views

CVE-2018-18524

Evernote 6.15 on Windows has an incorrectly repaired stored XSS vulnerability. An attacker can use this XSS issue to inject Node.js code under Present mode. After a victim opens an affected note under Present mode, the attacker can read the victim's files and achieve remote execution command on t...

6.1CVSS6AI score
Exploits0References2
Exploit DB
Exploit DBadded 2011/08/04 12:0 a.m.17 views

Xpdf 3.02-13 - 'zxpdf' Security Bypass

source: https://www.securityfocus.com/bid/49007/info Xpdf is prone to a security-bypass vulnerability that may allow attackers to perform actions without proper authorization. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions; this may aid in...

7.4AI score
Exploits0
Rows per page
Query Builder