Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

32 matches found

CVE
CVEadded yesterday4 views

CVE-2026-44682

CVE-2026-44682 affects Acronis DeviceLock DLP (Windows) prior to build 9.0.15051.93227. It is a local privilege escalation via DLL hijacking, with a low-privilege attacker needing local access and user interaction to exploit. The CVSSv3.0 metrics indicate AV:L, AC:L, PR:L, UI:R, S:U, C:H/I:H/A:H ...

7.3CVSS7.1AI score
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/04/29 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-3087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If shutil.unpackarchive is given a ZIP archive with an absolute Windows path containing a drive C:... then the archive will be extracted outside the target...

7.5CVSS5.8AI score0.00078EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2026/02/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-15569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the function getsystemdpi of the file platform/x11/winmain.c. This...

7.3CVSS6.5AI score0.00016EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/01/22 12:52 p.m.2 views

CVE-2025-14295

Storing Passwords in a Recoverable Format vulnerability in Automated Logic WebCTRL on Windows, Carrier i-Vu on Windows. Storing Passwords in a Recoverable Format vulnerability CWE-257 in the Web session management component allows an attacker to access stored passwords in a recoverable format whi...

7CVSS5.4AI score0.00007EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichmentadded 2025/12/16 6:18 p.m.1 views

CVE-2025-68154 Command Injection in fsSize() on Windows

systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the fsSize function in systeminformation is vulnerable to OS command injection on Windows systems. The optional drive parameter is directly concatenated into a PowerShell command without...

8.1CVSS7.1AI score0.00054EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-32862

Malicious code in bioql PyPI...

8.1CVSS6.4AI score0.01309EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-33084

Malicious code in bioql PyPI...

9.8CVSS7.8AI score0.00134EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2025/08/21 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-3996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some...

7.5CVSS6.7AI score0.00848EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-9818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main...

8.3CVSS8AI score0.00351EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/08/11 9:47 p.m.4 views

CVE-2025-25235 Omnissa Secure Email Gateway (SEG) updates address Server-Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF in Omnissa Secure Email Gateway SEG in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...

8.6CVSS0.00075EPSS
Exploits0References1
OpenVAS
OpenVASadded 2025/07/21 12:0 a.m.24 views

7-Zip Multiple Vulnerabilities (Jul 2025) - Windows

7zip is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:7-zip:7-zip"; ifdescription...

7.8CVSS8.1AI score0.00459EPSS
Exploits13References7
OpenVAS
OpenVASadded 2025/07/04 12:0 a.m.18 views

PHP < 8.1.33, 8.2.x < 8.2.29, 8.3.x < 8.3.23, 8.4.x < 8.4.10 Multiple Vulnerabilities - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

7.5CVSS8.2AI score0.00772EPSS
Exploits2References7
OpenVAS
OpenVASadded 2025/07/03 12:0 a.m.6 views

Tenable Nessus Privilege Escalation Vulnerability (TNS-2025-13)

Tenable Nessus is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.4CVSS9AI score0.00062EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/06/30 12:0 a.m.1 views

PT-2025-27491 · Electron · Electron

Name of the Vulnerable Software and Affected Versions: Electron versions 30.0.0-alpha.1 through 30.0.5 Electron versions 31.0.0-alpha.1 through 31.0.0-beta.1 Description: The issue is an ASAR Integrity bypass, which only impacts applications that have the embeddedAsarIntegrityValidation and...

7.8CVSS7.2AI score0.00036EPSS
Exploits0References13
OpenVAS
OpenVASadded 2025/05/15 12:0 a.m.8 views

Adobe Dreamweaver Arbitrary Code Vulnerability (APSB25-35) - Windows

Adobe Dreamweaver is prone to an arbitrary code vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:dreamweaver"...

7.8CVSS7.7AI score0.00115EPSS
Exploits0References1
OpenVAS
OpenVASadded 2025/05/13 12:0 a.m.24 views

VMware Tools Insecure File Handling Vulnerability (VMSA-2025-0007) - Windows

VMware Tools is prone to an insecure file handling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:tools";...

6.1CVSS7.3AI score0.00326EPSS
Exploits0References1
CVE
CVEadded 2025/04/29 1:13 p.m.76 views

CVE-2025-4084

CVE-2025-4084 concerns Firefox products. The issue arises from insufficient escaping of special characters in the copy as cURL feature, which could mislead users into running a crafted command and potentially enable local code execution on Windows. Affected software includes Firefox for Windows, ...

5.7CVSS7AI score0.00283EPSS
Exploits0References5Affected Software2
OpenVAS
OpenVASadded 2025/04/02 12:0 a.m.14 views

Mozilla Firefox Security Update (mfsa_2025-20) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

8.1CVSS7.3AI score0.00255EPSS
Exploits1References1
OpenVAS
OpenVASadded 2025/02/06 12:0 a.m.8 views

Mozilla Thunderbird Security Update (mfsa_2025-11) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

9.8CVSS9.7AI score0.00799EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/02/05 5:11 a.m.5 views

CVE-2024-10011

The BuddyPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 14.1.0 via the id parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended...

8.1CVSS5.8AI score0.01309EPSS
Exploits0References1
Rows per page
Query Builder