Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2026/03/04 8:33 p.m.3 views

GHSA-22M3-C7VP-49FJ IRRd: web UI host header injection allows password reset poisoning via attacker-controlled email links

Impact An attacker can manipulate the HTTP Host header on a password reset or account creation request. The confirmation link in the resulting email can then point to an attacker-controlled domain. Opening the link in the email is sufficient to pass the token to the attacker, who can then use it ...

8.1CVSS5.9AI score0.00039EPSS
Exploits0References7
RedhatCVE
RedhatCVEadded 2025/05/23 12:58 a.m.6 views

CVE-2022-46181

Gotify server is a simple server for sending and receiving messages in real-time per WebSocket. Versions prior to 2.2.2 contain an XSS vulnerability that allows authenticated users to upload .html files. An attacker could execute client side scripts if another user opened a link. The attacker cou...

6.1CVSS5.9AI score0.00397EPSS
Exploits0References1
OSV
OSVadded 2023/07/06 8:53 p.m.3 views

GHSA-2Q4P-F6GF-MQR5 Graylog server has partial path traversal vulnerability in Support Bundle feature

A partial path traversal vulnerability exists in Graylog's Support Bundle feature. The vulnerability is caused by incorrect user input validation in an HTTP API resource. Thanks to weiweiwei9811 for reporting this vulnerability and providing detailed information. Impact Graylog's Support Bundle...

3.3CVSS5.9AI score0.00294EPSS
Exploits1References5
OSV
OSVadded 2021/12/10 9:15 p.m.1 views

UBUNTU-CVE-2021-43815

Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerabili...

4.3CVSS6.9AI score0.01202EPSS
Exploits0References8
OSV
OSVadded 2021/05/19 8:15 p.m.2 views

UBUNTU-CVE-2021-29622

Prometheus is an open-source monitoring system and time series database. In 2.23.0, Prometheus changed its default UI to the New ui. To ensure a seamless transition, the URL's prefixed by /new redirect to /. Due to a bug in the code, it is possible for an attacker to craft an URL that can redirec...

6.5CVSS6.6AI score0.87475EPSS
Exploits0References6
OSV
OSVadded 2021/05/11 3:15 p.m.1 views

DEBIAN-CVE-2021-29471

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including eventmatch, which matches event...

5.3CVSS6.8AI score0.00337EPSS
Exploits0References1
Rows per page
Query Builder