8 matches found

Positive Technologies
added 2025/05/12 12:0 a.m. · 1 view

PT-2025-20772 · Apple · Macos Ventura +8

Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 11.5; macOS Sonoma versions prior to 14.7.6; tvOS versions prior to 18.5; iOS versions prior to 18.5; iPadOS versions prior to 18.5; macOS Sequoia versions prior to 15.5; visionOS versions prior to 2.5; macOS Ventura versio...

CVSS 7.8 · AI score 5.4 · EPSS 0.00067
Exploits 0 · References 17

RedhatCVE
added 2025/02/08 4:41 a.m. · 7 views

CVE-2025-24902

WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, salvarcargo.php endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive information. Thi...

CVSS 9.4 · AI score 8.2 · EPSS 0.00441
Exploits 1 · References 1

RedhatCVE
added 2025/02/07 6:18 p.m. · 3 views

CVE-2025-24372

CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Using a specially crafted file, a user could potentially upload a file containing code that when executed could send arbitrary requests to the server. If that file was opened by an administrator, it could...

CVSS 7.3 · AI score 7.7 · EPSS 0.00218
Exploits 0 · References 1

OSV
added 2024/11/18 9:15 a.m. · 2 views

CVE-2024-45505

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache HertzBeat (incubating). This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat (incubating): before 1.6.1. Users are recommended to upgrade to versi...

CVSS 8.8 · AI score 7.1
Exploits 0 · References 3

Positive Technologies
added 2024/08/11 12:0 a.m. · 3 views

PT-2024-6110 · Cisco · Cisco Cloud Network Controller +1

Name of the Vulnerable Software and Affected Versions: Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller (affected versions not specified). Description: A vulnerability in the software upgrade component could allow an authenticated, remote attacker with...

CVSS 8.5 · AI score 6.9 · EPSS 0.00271
Exploits 0 · References 8

Vulnrichment
added 2024/02/09 10:51 p.m. · 14 views

CVE-2024-23322 Envoy crashes when idle and request per try timeout occur within the backoff interval

Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happen within the same interval. The crash occurs when the following are true: 1. hedge_on_per_try_timeout is enabled, 2. per_try_idle_timeout is enabled (it can only be done in configuration), 3. per-try-timeout...

CVSS 7.5 · AI score 7.1 · EPSS 0.00086
Exploits 0 · References 2

OSV
added 2024/01/30 4:15 p.m. · 4 views

CVE-2024-1019

ModSecurity / libModSecurity 3.0.0 to 3.0.11 is affected by a WAF bypass for path-based payloads submitted via specially crafted request URLs. ModSecurity v3 decodes percent-encoded characters present in request URLs before it separates the URL path component from the optional query string...

CVSS 8.6 · AI score 8.5 · EPSS 0.00306
Exploits 0 · References 3

OSV
added 2005/01/05 12:0 a.m. · 10 views

DSA-624-1 zip - buffer overflow

Bulletin has no description...

CVSS 10 · AI score 6.3 · EPSS 0.06063
Exploits 0