
6 matches found

OSV
added 2026/05/08 7:52 p.m., 3 views

GHSA-MQQ6-CQCX-38VG Open WebUI's Model Import Overwrites Any Model Without Ownership Check

Model Import Overwrites Any Model Without Ownership Check. Affected Component: Model import endpoint: backend/openwebui/routers/models.py lines 254-308, importmodels. Affected Versions: Current main branch commit 6fdd19bf1 and likely all versions with model import functionality. Description: The POS...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00011
Exploits: 1, References: 3
Cvelist
added 2025/10/09 6:13 p.m., 7 views

CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

CVSS: 4.8, EPSS: 0.00037
Exploits: 0, References: 1
RedhatCVE
added 2025/05/22 3:48 p.m., 5 views

CVE-2020-28364

A stored cross-site scripting (XSS) vulnerability affects the Web UI in Locust before 1.3.2, if the installation violates the usage expectations by exposing this UI to outside users...

CVSS: 6.1, AI score: 5.4, EPSS: 0.00359
Exploits: 0
OSV
added 2025/01/27 3:46 p.m., 9 views

CVE-2024-45598 Cacti has a Local File Inclusion (LFI) Vulnerability via Poller Standard Error Log Path

Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the Poller Standard Error Log Path parameter in either Installation Step 5 or in Configuration-Settings-Paths tab to a local file inside the server. Then simply going to Logs tab and...

CVSS: 6, AI score: 8.4, EPSS: 0.00087
Exploits: 1, References: 5
CNVD
added 2021/05/14 12:0 a.m., 4 views

Argo Information Disclosure Vulnerability (CNVD-2021-36102)

Argo is an open source container-native workflow engine. A security vulnerability exists in Argo CD. The vulnerability stems from the program's Web UI exposing system data to an unauthorized control sphere, which could allow an attacker to leak confidential data leading to leaks...

CVSS: 5.9, AI score: 6.6, EPSS: 0.00058
Exploits: 0, References: 1
CNVD
added 2018/07/20 12:0 a.m., 1 views

IBM Rational Rhapsody Design Manager and IBM Rational Software Architect Design Manager Cross-Site Scripting Vulnerabilities

IBM Rational Rhapsody Design Manager is collaborative design management software built on the IBM Jazz platform that helps design team members and stakeholders share, track, review, and manage designs. IBM Rational Software Architect Design Manager is an IBM Rational Software Architect Design Manag...

CVSS: 5.4, AI score: 5.4, EPSS: 0.00158
Exploits: 0, References: 1