7 matches found

OSV
added 2025/10/30 4:8 p.m., 3 views

CVE-2025-62712 JumpServer Connection Token Leak Vulnerability

JumpServer is an open source bastion host and an operation and maintenance security audit system. In JumpServer versions prior to v3.10.20-lts and v4.10.11-lts, an authenticated, non-privileged user can retrieve connection tokens belonging to other users via the super-connection API endpoint...

CVSS 9.6, AI score 6.7, EPSS 0.00071
Exploits: 0, References: 4
CVE
added 2025/10/30 4:8 p.m., 42 views

CVE-2025-62712

CVE-2025-62712 affects JumpServer. In versions before 3.10.20-lts and 4.10.11-lts, an authenticated, non-privileged user can retrieve other users’ connection tokens via the /api/v1/authentication/super-connection-token/ endpoint. When accessed through a browser, the endpoint returns tokens from a...

CVSS 9.6, AI score 6.3, EPSS 0.00071
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2025/05/22 1:15 p.m., 1 views

CVE-2025-3944

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows File Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before...

CVSS 9.8, AI score 5.8
Exploits: 0, References: 2
NVD
added 2023/08/29 5:15 p.m., 20 views

CVE-2023-41037

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header declaring the hash algorit...

CVSS 4.3, AI score 4.4, EPSS 0.00095
Exploits: 1, References: 2
OpenVAS
added 2019/12/12 12:0 a.m., 101 views

Samba Multiple Vulnerabilities (CVE-2019-14861, CVE-2019-14870)

Samba is prone to multiple vulnerabilities. Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 6.4, AI score 6, EPSS 0.04997
Exploits: 0, References: 2
OSV
added 2019/12/10 11:15 p.m., 24 views

CVE-2019-14870

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U MS-SFU Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos...

CVSS 5.4, AI score 4.1, EPSS 0.04669
Exploits: 0, References: 14
CNVD
added 2017/05/02 12:0 a.m., 2 views

Linux kernel denial of service vulnerability (CNVD-2017-06843)

Linux is an open source computer operating system kernel. A denial of service vulnerability exists in the NFSv2/NFSv3 server in the nfsd subsystem of Linux kernel version 4.10.11. It allows remote attackers to cause a denial of service via a long RPC reply...

CVSS 7.8, AI score 7.6, EPSS 0.16011
Exploits: 0, References: 1