
30 matches found

RedhatCVE
added 2025/12/11 10:1 p.m. | 3 views

CVE-2023-53741

Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without...

CVSS 8.1 | AI score 7 | EPSS 0.00253
Exploits: 1 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2009-1660

Malware in sbrugna...

CVSS 6.4 | AI score 6.4 | EPSS 0.0347
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2021-19478

Malware in sbrugna...

CVSS 4.7 | AI score 4.7 | EPSS 0.00143
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2023-26889

Malicious code in bioql PyPI...

CVSS 6.8 | AI score 4.4 | EPSS 0.00247
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2022-49135

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.7 | EPSS 0.00101
Exploits: 0 | References: 3

Cvelist
added 2025/08/29 10:1 a.m. | 7 views

CVE-2025-4644 User Session Fixation after Account Removal in PayloadCMS

A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token (JWT), and then delete the account, which did not invalidate the JWT. As a result, the next newly created us...

CVSS 5.3 | EPSS 0.00088
Exploits: 0 | References: 3

Vulnrichment
added 2025/08/29 10:1 a.m. | 2 views

CVE-2025-4644 User Session Fixation after Account Removal in PayloadCMS

A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token (JWT), and then delete the account, which did not invalidate the JWT. As a result, the next newly created us...

CVSS 5.3 | AI score 6.5 | EPSS 0.00088
Exploits: 0 | References: 3

CVE
added 2025/08/08 3:32 p.m. | 24 views

CVE-2025-8731

TRENDnet CVE-2025-8731 affects TI-G160i, TI-PG102i and TPL-430AP (up to 20250724) with the SSH Service using default credentials. Several sources confirm remote exploitation is possible and that the exploit has been publicly disclosed. Mitigation in publicly released documents centers on credenti...

CVSS 10 | AI score 9.6 | EPSS 0.00995
Exploits: 0 | References: 4

RedhatCVE
added 2025/05/23 12:21 a.m. | 4 views

CVE-2022-46318

The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings...

CVSS 5.3 | AI score 6.9 | EPSS 0.00101
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 9:19 p.m. | 6 views

CVE-2021-32658

Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Due to a timeout issue the Android client may not properly clean all sensitive data on account removal. This could include sensitive key material such as the End-to-End encryption keys. It is recommended that...

CVSS 4.7 | AI score 6.6 | EPSS 0.00143
Exploits: 1 | References: 1

CVE
added 2024/02/05 7:39 p.m. | 49 views

CVE-2024-22202

phpMyFAQ contains a vulnerability in the user removal page that lets an attacker spoof another user’s details and trigger phishing-style account deletion emails to administrators. The issue arises because the front-end does not enforce data integrity on the removal request, enabling an attacker (...

CVSS 6.5 | AI score 6.3 | EPSS 0.00285
Exploits: 1 | References: 2 | Affected Software: 1

Positive Technologies
added 2024/02/05 12:0 a.m. | 2 views

PT-2024-19270 · Phpmyfaq · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions prior to 3.2.5 Description: The issue allows an attacker to spoof another user's details, making a compelling phishing case for removing another user's account. Although the front-end of the user removal page does not allow...

CVSS 6.5 | AI score 6.2 | EPSS 0.00285
Exploits: 1 | References: 12

OSV
added 2023/03/01 8:15 a.m. | 0 views

CVE-2023-22771

An insufficient session expiration vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability allows an attacker to keep a session running on an affected device after the removal of the impacted account...

CVSS 2.4 | AI score 5.8
Exploits: 0 | References: 1

Prion
added 2023/03/01 8:15 a.m. | 13 views

Session fixation

An insufficient session expiration vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability allows an attacker to keep a session running on an affected device after the removal of the impacted account...

CVSS 2.8 | AI score 4.1 | EPSS 0.00247
Exploits: 0 | References: 1 | Affected Software: 2

Positive Technologies
added 2023/02/28 12:0 a.m. | 2 views

PT-2023-2101 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS affected versions not specified Description: The issue is related to an insufficient session expiration in the command line interface of ArubaOS. This allows an attacker to maintain a session on an affected device even after the accou...

CVSS 9.3 | AI score 3.6 | EPSS 0.00247
Exploits: 0 | References: 5

OSV
added 2022/12/20 9:15 p.m. | 0 views

CVE-2022-46318

The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings...

CVSS 5.3 | AI score 5.8 | EPSS 0.00101
Exploits: 0 | References: 2

NVD
added 2022/12/20 9:15 p.m. | 11 views

CVE-2022-46318

The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings...

CVSS 5.3 | EPSS 0.00101
Exploits: 0 | References: 2

Prion
added 2022/12/20 9:15 p.m. | 13 views

Design/Logic Flaw

The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings...

CVSS 5 | AI score 5.3 | EPSS 0.00101
Exploits: 0 | References: 2 | Affected Software: 2

CVE
added 2022/12/20 12:0 a.m. | 49 views

CVE-2022-46318

CVE-2022-46318 corresponds to a logic error in the HAware module of Huawei HarmonyOS. Multiple sources describe that successful exploitation can affect the account removal function in Settings. The vulnerability is characterized as a function logic flaw within the HAware module, with no public de...

CVSS 5.3 | AI score 5.3 | EPSS 0.00101
Exploits: 0 | References: 2 | Affected Software: 1

Positive Technologies
added 2022/12/20 12:0 a.m. | 1 view

PT-2022-27810 · Unknown · Haware Module

Name of the Vulnerable Software and Affected Versions: HAware module affected versions not specified Description: The issue is related to a function logic error in the HAware module. This error affects the account removal function in Settings. Successful exploitation of this issue will have an...

CVSS 5.3 | AI score 5 | EPSS 0.00101
Exploits: 0 | References: 4