Lucene search

8 matches found

Vulnrichment
added 2026/05/19 12:59 p.m. · 8 views

CVE-2026-42097 Authentication Bypass in Sparx Pro Cloud Server

Sparx Pro Cloud Server requires authentication based on the requested URL. An attacker can omit the "model" query parameter and send the model name only in the binary blob in a POST request, allowing SQL query execution without authentication. The vendor was notified early about this vulnerability, but...

CVSS 9.3 · AI score 6 · EPSS 0.00941
Exploits: 3 · References: 4
RedhatCVE
added 2025/12/23 9:29 p.m. · 3 views

CVE-2025-68114

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStream_concat lets a malicious cs_opt_mem.vsnprintf drive SStream’s index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Commit...

CVSS 9.8 · AI score 7.1 · EPSS 0.00163
Exploits: 0 · References: 5
GithubExploit
added 2025/10/31 6:30 a.m. · 238 views

Exploit for Server-Side Request Forgery in Rocket.Chat

CVE-2024-39713: Rocket.Chat SSRF PoC Description A Server...

CVSS 8.6 · AI score 8.7 · EPSS 0.03201
Exploits: 2
CNNVD
added 2025/08/08 12:0 a.m. · 2 views

Cyclope Employee Surveillance Solution Security Vulnerability

Cyclope Employee Surveillance Solution is employee monitoring software from Cyclope, Inc. A security vulnerability exists in Cyclope Employee Surveillance Solution version 6.x, which stems from the username parameter not being sanitized in the auth-login request, and could lead to SQL injecti...

CVSS 10 · AI score 8.5 · EPSS 0.00865
Exploits: 0 · References: 6
Positive Technologies
added 2024/02/13 12:0 a.m. · 5 views

PT-2024-13394 · Contribsys · Sidekiq

Name of the Vulnerable Software and Affected Versions: Contribsys Sidekiq version 6.5.8 Description: The issue allows a remote attacker to obtain sensitive information via a crafted payload to the uniquejobs function. This is a Cross Site Scripting vulnerability. Recommendations: For Contribsys...

CVSS 7.1 · AI score 7.9 · EPSS 0.0059
Exploits: 3 · References: 16
ATTACKERKB
added 2023/12/12 8:15 a.m. · 4 views

CVE-2023-48641

Archer Platform 6.x before 6.14 P1 HF2 6.14.0.1.2 contains an insecure direct object reference vulnerability. An authenticated malicious user in a multi-instance installation could potentially exploit this vulnerability by manipulating application resource references in user requests to bypass...

CVSS 8.8 · AI score 5.8 · EPSS 0.00476
Exploits: 0 · References: 2
Positive Technologies
added 2021/09/17 12:0 a.m. · 5 views

PT-2021-23282 · Realvnc · Realvnc Viewer

Name of the Vulnerable Software and Affected Versions: RealVNC Viewer version 6.21.406 Description: The issue allows remote VNC servers to cause a denial of service, resulting in the application crashing via crafted RFB protocol data. It is noted that this issue requires social engineering to tri...

CVSS 6.5 · AI score 7.2 · EPSS 0.00926
Exploits: 1 · References: 6
CNVD
added 2017/08/01 12:0 a.m. · 2 views

VMware vCenter Server DLL Load Local Elevation of Privilege Vulnerability

VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. A local privilege escalation vulnerability exists in VMware...

CVSS 8.8 · AI score 8.7 · EPSS 0.01671
Exploits: 0 · References: 1