With Tabarzin

Monitor

your infrastructure.

Real

vulnerabilities.

Zero

noise.

7.5

Severity

high

Chromium

V-Latest Stable (as of June 2025)

An insufficient policy enforcement vulnerability in Google Chromium allows remote attackers to leak cross-origin data via a crafted HTML page.

8.6

Severity

high

PCMan

V-2.0.7

A buffer overflow vulnerability in the NOOP Command Handler of PCMan FTP Server 2.0.7 allows remote attackers to execute arbitrary code.

9.1

Severity

critical

News-Buzz

V-1.0

An SQL injection vulnerability in /publicposts.php of News-Buzz CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the post parameter.

9.8

Severity

critical

D-Link dir-816

V-1.10CNB05

A stack-based buffer overflow vulnerability in /goform/form2lansetup.cgi of D-Link DIR-816 Router allows remote attackers to execute arbitrary code via the ip parameter.

9

Severity

critical

Tenda ac10

V-up to 15.03.06.47

A buffer overflow vulnerability in /goform/SetPptpServerCfg of Tenda AC10 Router allows remote attackers to execute arbitrary code via the startIp and endIp parameters.

6.5

Severity

medium

Django Backend

V-< 5.2.2, 5.1.10, 4.2.22

An issue in Django's HTTP response logging allows remote attackers to manipulate log output via crafted URLs, potentially leading to log injection or forgery.

9.1

Severity

critical

PHPGurukul Complaint MS

V-2.0

An SQL injection vulnerability in /admin/between-date-complaintreport.php of PHPGurukul Complaint Management System 2.0 allows remote attackers to execute arbitrary SQL commands via the fromdate and todate parameters.

9.8

Severity

critical

Apache Tomcat

V-Affected versions not specified

A remote code execution vulnerability in Apache Tomcat due to improper handling of file paths containing internal dots, leading to path equivalence issues.

9.9

Severity

critical

Veeam & Replication

V-Affected versions not specified

A vulnerability allowing remote code execution on the Backup Server by an authenticated domain user in Veeam Backup & Replication.

9

Severity

critical

Ivanti VPN

V-9.X and 22.7R2.5 and earlier

A buffer overflow vulnerability in Ivanti Connect Secure VPN appliances allows remote code execution, allegedly exploited by state-sponsored actors.

7.5

Severity

high

VMware NSX UI

V-Affected versions not specified

A stored Cross-Site Scripting (XSS) vulnerability in VMware NSX Manager UI due to improper input validation.

7.5

Severity

high

Chromium

V-Latest Stable (as of June 2025)

An insufficient policy enforcement vulnerability in Google Chromium allows remote attackers to leak cross-origin data via a crafted HTML page.

8.6

Severity

high

PCMan

V-2.0.7

A buffer overflow vulnerability in the NOOP Command Handler of PCMan FTP Server 2.0.7 allows remote attackers to execute arbitrary code.

9.1

Severity

critical

News-Buzz

V-1.0

An SQL injection vulnerability in /publicposts.php of News-Buzz CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the post parameter.

9.8

Severity

critical

D-Link dir-816

V-1.10CNB05

A stack-based buffer overflow vulnerability in /goform/form2lansetup.cgi of D-Link DIR-816 Router allows remote attackers to execute arbitrary code via the ip parameter.

9

Severity

critical

Tenda ac10

V-up to 15.03.06.47

A buffer overflow vulnerability in /goform/SetPptpServerCfg of Tenda AC10 Router allows remote attackers to execute arbitrary code via the startIp and endIp parameters.

6.5

Severity

medium

Django Backend

V-< 5.2.2, 5.1.10, 4.2.22

An issue in Django's HTTP response logging allows remote attackers to manipulate log output via crafted URLs, potentially leading to log injection or forgery.

9.1

Severity

critical

PHPGurukul Complaint MS

V-2.0

An SQL injection vulnerability in /admin/between-date-complaintreport.php of PHPGurukul Complaint Management System 2.0 allows remote attackers to execute arbitrary SQL commands via the fromdate and todate parameters.

9.8

Severity

critical

Apache Tomcat

V-Affected versions not specified

A remote code execution vulnerability in Apache Tomcat due to improper handling of file paths containing internal dots, leading to path equivalence issues.

9.9

Severity

critical

Veeam & Replication

V-Affected versions not specified

A vulnerability allowing remote code execution on the Backup Server by an authenticated domain user in Veeam Backup & Replication.

9

Severity

critical

Ivanti VPN

V-9.X and 22.7R2.5 and earlier

A buffer overflow vulnerability in Ivanti Connect Secure VPN appliances allows remote code execution, allegedly exploited by state-sponsored actors.

7.5

Severity

high

VMware NSX UI

V-Affected versions not specified

A stored Cross-Site Scripting (XSS) vulnerability in VMware NSX Manager UI due to improper input validation.

Critical
Your assets are in very big danger. you might get attacked anytime. please update your assets or contact the asset support team.
Low
Your assets have low level vulnerability. please update your assets or contact the asset support team to fix it.
High
Your assets are in big danger. you might get attacked anytime. please update your assets or contact the asset support team.
Medium
Your assets are in danger. you might get attacked soon or later. please update your assets or contact the asset support team to fix it.
Critical
Your assets are in very big danger. you might get attacked anytime. please update your assets or contact the asset support team.
Low
Your assets have low level vulnerability. please update your assets or contact the asset support team to fix it.
High
Your assets are in big danger. you might get attacked anytime. please update your assets or contact the asset support team.
Medium
Your assets are in danger. you might get attacked soon or later. please update your assets or contact the asset support team to fix it.

Reporting

Visualize how teams are detecting and remediating exploits over time.

⚠️
CVE-2023-41538·1m ago

Vulnerability detected

Instant triage

Quickly triage vulnerabilities with simulation based scanning.

tabarzin-icon

Export

JSON, PDF, and CSV export formats so you can take your data with you.

Broad Coverage

Protect against CVEs, weak creds, and misconfigurations across your tech stack.

Integrations-image

Integrations

Connect with Slack, Jira, GitHub, GitLab, Microsoft Teams and more.

Integrations-image

AI generated templates

Automate incoming data from pentest and bug bounty reports.

Powered by open-source
innovation

Our enterprise platform has an OS foundation.
Learn more about why we believe security should be simple,accessible, and community-driven.

Trusted by developers worldwide

Join thousands of developers who are already building the future with our AI powered platform