Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 3 days ago8 views

EUVD-2026-31862

Bugsink: Issue bulk actions can affect another project’s issue if its UUID is known...

3.1CVSS5.4AI score0.00029EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/05/22 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: velocity-tools (UTSA-2026-016718)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016718 advisory. The default error page for VelocityView in Apache Velocity Tools prior to 3.1 reflects back the vm file that was entered as part of the URL. An attacker can set an X...

6.1CVSS6.8AI score0.03207EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/12 2:19 a.m.7 views

CVE-2026-27682 Reflected Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Business Server Pages)

Due to a reflected cross-site scripting XSS vulnerability in SAP NetWeaver Application Server ABAP Applications based on Business Server Pages, an unauthenticated attacker could craft a URL that exploits an unprotected URL parameter to embed a malicious script. If a victim clicks the link, the...

4.7CVSS5.8AI score0.00019EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/01/15 12:0 a.m.2 views

PT-2026-2994

Name of the Vulnerable Software and Affected Versions Web Application affected versions not specified Description A flaw exists in a web application where improper handling of a URL parameter could allow attackers to execute code in a user's browser following login. Successful exploitation may...

6.1CVSS6.7AI score0.0002EPSS
Exploits0References10
OSV
OSVadded 2025/10/14 9:58 p.m.6 views

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

9.5CVSS6.9AI score0.00071EPSS
Exploits2References4
CNNVD
CNNVDadded 2025/05/25 12:0 a.m.1 views

Seeyon Zhiyuan OA 代码问题漏洞

Seeyon Zhiyuan OA Zhiyuan OA is a collaboration management software from China's Seeyon. A code issue vulnerability exists in Seeyon Zhiyuan OA 8.1 SP2 and prior versions, which stems from incorrect manipulation of the parameter url in the file...

6.5CVSS6.5AI score0.00173EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2012/07/21 12:0 a.m.1 views

PT-2012-3975 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.1.x through 2.1.5 Moodle versions 2.2.x through 2.2.2 Description: The issue allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages. This is achieved by...

4CVSS6.1AI score0.00156EPSS
Exploits0References7
Rows per page
Query Builder