108224+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.
In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no …
In setAllowedCarriers of PhoneInterfaceManager.java, there is a possible way to disable carrier restrictions due to a logic error in the code. This could lead to …
In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This …
In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation …
Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions.
Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions.
Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions.
Unauthenticated Local File Inclusion in ITactics <= 1.0 versions.
Unauthenticated Local File Inclusion in Tipsy <= 1.1 versions.
Unauthenticated Local File Inclusion in Resurs <= 1.3 versions.
Unauthenticated Local File Inclusion in Orpheus <= 1.3 versions.
Unauthenticated Local File Inclusion in Spike <= 1.2 versions.
Unauthenticated Local File Inclusion in Eros <= 1.3 versions.
Unauthenticated Local File Inclusion in Choreo <= 1.6 versions.
Unauthenticated Local File Inclusion in WineShop <= 3.17 versions.
Unauthenticated Local File Inclusion in Grecko <= 5.17 versions.
Unauthenticated Local File Inclusion in Snowy <= 1.13 versions.
Unauthenticated Local File Inclusion in Gita <= 1.11 versions.
Unauthenticated Local File Inclusion in Printo <= 1.11 versions.
Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.
Unauthenticated Local File Inclusion in Medeus <= 1.14 versions.
Unauthenticated Local File Inclusion in Top Dog <= 1.0.5 versions.
Unauthenticated Local File Inclusion in Quirky <= 1.23 versions.
Unauthenticated Local File Inclusion in Putter <= 1.17 versions.
Unauthenticated Local File Inclusion in Dom <= 1.24 versions.
Unauthenticated Local File Inclusion in Gat <= 1.16 versions.
Unauthenticated Local File Inclusion in Mission <= 1.22 versions.
Unauthenticated Local File Inclusion in Abelle <= 1.22 versions.
Unauthenticated Local File Inclusion in Kelly Young <= 1.1.0 versions.
Unauthenticated Arbitrary File Deletion in Car Zone <= 3.7 versions.
Subscriber Privilege Escalation in Genemy <= 1.6.6 versions.
Subscriber Broken Access Control in Genemy <= 1.6.6 versions.
Unauthenticated Local File Inclusion in Wanium <= 1.9.8 versions.
Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin <= 2.7.2 versions.
Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site <= 1.0.7 versions.
Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site <= 1.0.7 versions.
Unauthenticated Local File Inclusion in Food Drop <= 1.3 versions.
Unauthenticated Local File Inclusion in Especio <= 1.0 versions.
Unauthenticated PHP Object Injection in SeaFood Company <= 1.4 versions.
Unauthenticated Local File Inclusion in Deliciosa <= 1.10.0 versions.
Unauthenticated Local File Inclusion in Corbesier <= 1.15.0 versions.
Unauthenticated Local File Inclusion in CopyPress <= 1.4.5 versions.
Unauthenticated Local File Inclusion in Ingenioso <= 1.14.0 versions.
Unauthenticated Local File Inclusion in Iona <= 1.0.8 versions.
Unauthenticated Local File Inclusion in MaxiNet <= 1.2.10 versions.
Unauthenticated Local File Inclusion in Nexio <= 1.10.0 versions.
Unauthenticated Local File Inclusion in Planty <= 1.14.0 versions.
Unauthenticated Local File Inclusion in AirSupply <= 2.0.0 versions.
Unauthenticated Local File Inclusion in Raider Spirit <= 1.1.2 versions.
Unauthenticated PHP Object Injection in Hot Coffee <= 1.7 versions.
Free website and port scanning — find vulnerabilities before attackers do.