Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesadded 4 days ago9 views

PT-2026-45484

Summary Type: Authorization bypass enabling workspace metadata + settings tampering. The PATCH /workspaces/workspace id endpoint is gated only by require workspace memberworkspace id default min role="member". Any member can rewrite the workspace's name, description, and the settings JSON blob. T...

6.5CVSS6AI score
Exploits0References3
Snyk
Snykadded 2025/12/10 6:30 p.m.2 views

Command Injection

Overview org.jenkins-ci.plugins:git-client is a Jenkins git client plugin. Affected versions of this package are vulnerable to Command Injection due to improper escaping of command arguments when generating temporary credential. An attacker can execute arbitrary operating system commands by...

6.3CVSS7.9AI score0.00052EPSS
Exploits0References2
Rockylinux
Rockylinuxadded 2024/07/15 12:17 p.m.29 views

gnome-shell-extensions bug fix update

An update is available for gnome-shell-extensions. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GNOME Shell extensions allow for modifying the default GNOME...

7.3AI score
Exploits0
OSV
OSVadded 2024/06/05 6:33 p.m.11 views

GHSA-G4XV-R3QW-V3Q2 typo3 Information Disclosure Security Note

Due to reports it has been validated that internal workspaces in Neos are accessible without authentication. Some users assumed this is a planned feature but it is not. A workspace preview should be an additional feature with respective security measures in place. Note that this only allows readi...

6.8AI score
Exploits0References3
Github Security Blog
Github Security Blogadded 2024/05/17 10:54 p.m.14 views

Neos Information Disclosure Security Note

Due to reports it has been validated that internal workspaces in Neos are accessible without authentication. Some users assumed this is a planned feature but it is not. A workspace preview should be an additional feature with respective security measures in place. Note that this only allows readi...

6.8AI score
Exploits0References3Affected Software1
Positive Technologies
Positive Technologiesadded 2024/05/17 12:0 a.m.2 views

PT-2024-40044 · Neos · Neos

Name of the Vulnerable Software and Affected Versions: Neos affected versions not specified Description: The issue allows unauthorized access to internal workspaces in Neos without authentication. This means that internal workspaces, which are non-public and do not have an owner, can be viewed by...

7.5CVSS6.8AI score
Exploits0References4
CNNVD
CNNVDadded 2023/02/06 12:0 a.m.2 views

Softr 跨站脚本漏洞

Softr is a no-code website builder from Softr, Inc. A security vulnerability exists in Softr version v2.0, which stems from the presence of an HTML injection vulnerability via the parameter Work Space Name...

5.4CVSS5.7AI score0.00301EPSS
Exploits1References6
Rows per page
Query Builder