Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4438 matches found

EUVD
EUVDadded 2026/03/10 6:31 p.m.3 views

EUVD-2026-10687

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00439EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/10 6:31 p.m.2 views

EUVD-2026-10688

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00439EPSS
Exploits0References2
OSV
OSVadded 2026/03/10 6:18 p.m.4 views

CVE-2026-26117

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00439EPSS
Exploits0References1
NVD
NVDadded 2026/03/10 6:18 p.m.2 views

CVE-2026-26117

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00439EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/10 5:5 p.m.2 views

CVE-2026-26117

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00439EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVEadded 2026/03/10 2:0 p.m.3 views

Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00439EPSS
Exploits0
Snyk
Snykadded 2026/03/10 1:12 a.m.3 views

Exposed Dangerous Method or Function

Overview @oneuptime/common is a The OneUptime Common UI Library is a collection of shared components, utilities that are used across the OneUptime platform. It is designed to be easy to install and use, and to be extensible. This library is built with React and TypeScript. It includes c Affected...

9.9CVSS6.1AI score0.01153EPSS
Exploits1References2
Github Security Blog
Github Security Blogadded 2026/03/10 1:12 a.m.9 views

OneUptime has Synthetic Monitor RCE via exposed Playwright browser object

Summary OneUptime Synthetic Monitors allow a low-privileged authenticated project user to execute arbitrary commands on the oneuptime-probe server/container. The root cause is that untrusted Synthetic Monitor code is executed inside Node's vm while live host-realm Playwright browser and page...

9.9CVSS6.6AI score0.01153EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDadded 2026/03/10 12:0 a.m.3 views

OneUptime 安全漏洞

OneUptime is a comprehensive open-source solution developed by OneUptime. It is designed for monitoring and managing your online services. Versions of OneUptime prior to 10.0.18 contained security vulnerabilities. These vulnerabilities stemmed from the execution of untrusted user code within the...

9.9CVSS6.2AI score0.00387EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2026/03/10 12:0 a.m.3 views

PT-2026-24327

Name of the Vulnerable Software and Affected Versions Azure Windows Virtual Machine Agent affected versions not specified Azure Arc on Windows affected versions not specified Description A security issue exists in Azure Windows Virtual Machine Agent and Azure Arc on Windows that allows an attacke...

7.8CVSS5.8AI score0.00439EPSS
Exploits0References18
Positive Technologies
Positive Technologiesadded 2026/03/10 12:0 a.m.2 views

PT-2026-24190

Name of the Vulnerable Software and Affected Versions OneUptime versions prior to 10.0.21 Description OneUptime Synthetic Monitors allow a low-privileged authenticated project user to execute arbitrary commands on the oneuptime-probe server/container. The root cause is that untrusted Synthetic...

9.9CVSS6.5AI score0.01153EPSS
Exploits1References12
ATTACKERKB
ATTACKERKBadded 2026/03/09 10:58 p.m.3 views

CVE-2026-30921

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.20, OneUptime Synthetic Monitors allow low-privileged project users to submit custom Playwright code that is executed on the oneuptime-probe service. In the current implementation, this untrusted code is run inside...

9.9CVSS6AI score0.00445EPSS
Exploits1References2Affected Software1
Ubuntu
Ubuntuadded 2026/03/09 4:6 p.m.7 views

USN-8080-1: YARA vulnerabilities

Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...

9.1CVSS7.2AI score0.02996EPSS
Exploits12
OSV
OSVadded 2026/03/09 8:59 a.m.7 views

CLSA-2026-1773046740 kernel: Fix of 21 CVEs

i40e: fix IRQ freeing in i40evsirequestirqmsix error path CVE-2025-39911 - media: rc: fix races with imondisconnect CVE-2025-39993 - VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify CVE-2025-38102 - partitions: mac: fix handling of bogus partition table CVE-2025-21772 - tracing:...

7.8CVSS7.1AI score0.00335EPSS
Exploits0References1
CVE
CVEadded 2026/03/05 11:51 p.m.17 views

CVE-2026-28713

CVE-2026-28713 concerns default credentials assigned to a local privileged user in a Virtual Appliance. Affected are: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, and Acronis Cyber Protect 17 (VMware) before build 41186. The vulnerability allows high impact on confidentiality an...

7.1CVSS5.9AI score0.00169EPSS
Exploits0References1Affected Software2
RedhatCVE
RedhatCVEadded 2026/03/04 1:56 a.m.4 views

CVE-2025-47378

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain...

7.1CVSS5.9AI score0.0007EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/02 7:53 p.m.5 views

CVE-2023-31364

Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine VM to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service...

8.3CVSS5.9AI score0.00247EPSS
Exploits0References1
NVD
NVDadded 2026/03/02 7:16 p.m.9 views

CVE-2026-0029

In pkvminitvm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS0.00107EPSS
Exploits0References4
NVD
NVDadded 2026/03/02 5:16 p.m.4 views

CVE-2025-47378

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain...

7.1CVSS0.0007EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/02 4:53 p.m.5 views

CVE-2025-47378 Exposure of Sensitive System Information to an Unauthorized Control Sphere in HLOS

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain...

7.1CVSS5.9AI score0.0007EPSS
Exploits0References1
Rows per page
Query Builder