Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

14726 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:11 p.m.5 views

CVE-2026-44886

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devices.php route accepts requests from unauthenticated users when the action URL parameter is set to...

8.7CVSS5.6AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/05 6:49 p.m.5 views

CVE-2024-42206

HCL iReflection Third party vulnerable and outdated components issue was detected in the web application...

3.1CVSS5.4AI score0.00151EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2026/06/04 4:15 p.m.6 views

PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions

A flaw was found in PHP. Some functions, including urldecode, incorrectly pass signed characters to character type ctype functions. On certain systems, this can lead to accessing memory with a negative offset. This vulnerability can be exploited by an attacker to trigger a denial of service DoS,...

7.5CVSS5.7AI score0.00337EPSS
Exploits0References5
NVD
NVDadded 2026/06/04 2:16 p.m.11 views

CVE-2025-59874

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...

8.1CVSS0.00268EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/04 12:14 p.m.8 views

EUVD-2025-210064

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...

8.1CVSS5.7AI score0.00268EPSS
Exploits0References1
CVE
CVEadded 2026/06/04 12:14 p.m.13 views

CVE-2025-59874

CVE-2025-59874 affects HCL Hive Telco Observability. The issue is identified as a missing CSP directive in the web application’s Keycloak component, with missing essential directives leaving the site vulnerable. The CVSS v3.1 base metrics indicate a high-severity, network-exploitability risk (AV:...

8.1CVSS5.7AI score0.00268EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/04 11:57 a.m.12 views

CVE-2026-30923

A flaw was found in libModSecurity3, a component of the ModSecurity web application firewall WAF. An attacker can exploit a segmentation fault by sending a specially crafted query string parameter containing a single character, which is then processed by a rule using the t:hexDecode transformatio...

8.2CVSS5.7AI score0.00435EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.11 views

PT-2026-46217

HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...

8.1CVSS5.7AI score0.00268EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/03 9:40 a.m.6 views

CVE-2025-14773 Stored Cross-Site Scripting in ABB T-MAC Plus web application

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8CVSS5.8AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/03 9:40 a.m.38 views

CVE-2025-14773 Stored Cross-Site Scripting in ABB T-MAC Plus web application

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8CVSS0.00175EPSS
Exploits0References1
CVE
CVEadded 2026/06/03 9:40 a.m.31 views

CVE-2025-14773

CVE-2025-14773 is a stored cross-site scripting (XSS) vulnerability in ABB T-MAC Plus web application, affecting T-MAC Plus 4.0-24. The issue stems from improper neutralization of input during web page generation. CVSS metrics from ABB indicate a HIGH severity (CVSS v4.0 base 7.2; v3.1 base 8.0),...

8CVSS5.8AI score0.00175EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/06/03 9:25 a.m.36 views

CVE-2025-14772 Broken Access Control in ABB T-MAC Plus web application

Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8.8CVSS0.00248EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/03 9:25 a.m.6 views

CVE-2025-14772 Broken Access Control in ABB T-MAC Plus web application

Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8.8CVSS5.8AI score0.00248EPSS
Exploits0References1
CVE
CVEadded 2026/06/03 9:16 a.m.12 views

CVE-2025-14771

Technical details (affected components, versions, impact, remediation) are not publicly available in the provided documents. Monitor for updates on ABB T-MAC Plus CVE-2025-14771.

9.9CVSS5.8AI score0.00289EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/06/03 9:16 a.m.35 views

CVE-2025-14771 File Disclosure in ABB T-MAC Plus web application and in ABB T-MAC plus Server - Default IIS Web Site

Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

9.9CVSS0.00289EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2026/06/03 12:2 a.m.71 views

eCPPT-Penetration-Testing-Reports

eCPPT Penetration Testing Reports Penetration testing lab rep...

9.8CVSS7.3AI score0.94618EPSS
Exploits7
CNNVD
CNNVDadded 2026/06/03 12:0 a.m.5 views

school-management-system 安全漏洞

School-Management-System is a PHP-based school management system developed by Shubham Kumar, an individual developer. The School-Management-System has a security vulnerability, which stems from the use of predictable password generation methods. This vulnerability may allow attackers to easily...

6.9CVSS5.4AI score0.00249EPSS
Exploits0References2
NVD
NVDadded 2026/06/02 5:16 p.m.13 views

CVE-2024-42206

HCL iReflection Third party vulnerable and outdated components issue was detected in the web application...

3.1CVSS0.00151EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/02 3:57 p.m.11 views

EUVD-2024-55606

HCL iReflection Third party vulnerable and outdated components issue was detected in the web application...

3.1CVSS5.8AI score0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/02 3:57 p.m.5 views

CVE-2024-42206 HCL iReflection Use of Third party vulnerable and outdated components issue was detected in the web application.

HCL iReflection Third party vulnerable and outdated components issue was detected in the web application...

3.1CVSS5.8AI score0.00151EPSS
Exploits0References1
Rows per page
Query Builder