Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/05/30 2:12 a.m.12 views

CVE-2026-45102

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98...

9.9CVSS5.8AI score0.00266EPSS
Exploits0References1
NVD
NVDadded 2026/05/27 8:16 p.m.11 views

CVE-2026-45102

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98...

9.9CVSS0.00266EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/27 12:0 a.m.9 views

OneUptime 安全漏洞

OneUptime is a comprehensive solution developed by OneUptime OpenSource. It is used to monitor and manage your online services. Versions of OneUptime prior to 10.0.98 contained security vulnerabilities. These vulnerabilities stemmed from the use of the Node.js vm module as an isolation primitive,...

9.9CVSS5.8AI score0.00266EPSS
Exploits0References2
Snyk
Snykadded 2026/05/16 12:0 a.m.5 views

Improper Isolation or Compartmentalization

Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization in the mounting of host directories in read-only mode into VM. An attacker can gain unauthorized write access to the host filesystem by remounting a shared directory as read-write from within t...

10CVSS5.8AI score0.00289EPSS
Exploits0References2
Snyk
Snykadded 2026/04/09 10:7 a.m.3 views

Incomplete List of Disallowed Inputs

Overview Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the isVMLowLevelOptionForbidden function in lxd/project/limits/permissions.go. An attacker can set forbidden low-level VM configuration keys, such as raw.apparmor or raw.qemu.conf in a project th...

9.1CVSS5.4AI score0.00363EPSS
Exploits0References2
Ubuntu
Ubuntuadded 2025/12/17 8:58 p.m.9 views

USN-7940-1: Linux kernel (Azure FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

8.8CVSS7.4AI score0.01345EPSS
Exploits10
OSV
OSVadded 2025/12/16 10:25 p.m.6 views

USN-7939-2 linux-azure-fips vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS6.9AI score0.01345EPSS
Exploits8References24
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2021-25355

Malware in sbrugna...

8.6CVSS8.3AI score0.0121EPSS
Exploits0References3
Rows per page
Query Builder