Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (103 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2020-15270 1 Parseplatform 1 Parse-server 2024-11-21 4.3 Medium
Parse Server (npm package parse-server) broadcasts events to all clients without checking if the session token is valid. This allows clients with expired sessions to still receive subscription objects. It is not possible to create subscription objects with invalid session tokens. The issue is not patched.
CVE-2019-1020013 1 Parseplatform 1 Parse-server 2024-11-21 N/A
parse-server before 3.6.0 allows account enumeration.
CVE-2019-1020012 1 Parseplatform 1 Parse-server 2024-11-21 N/A
parse-server before 3.4.1 allows DoS after any POST to a volatile class.