7 matches found

Vulnrichment
added 2025/10/21 12:0 a.m. | 2 views

CVE-2025-60427

LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a user with the DJ role can access analytics data via the Web UI and direct API calls. The backend does not verify role-based permissions for analytics endpoints, allowing unauthorized retrieval of...

AI score: 5.9 | EPSS: 0.00036
Exploits: 0 | References: 3

EUVD
added 2025/10/21 12:0 a.m. | 3 views

EUVD-2025-35203

LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a user with the DJ role can access analytics data via the Web UI and direct API calls. The backend does not verify role-based permissions for analytics endpoints, allowing unauthorized retrieval of...

AI score: 5.8 | EPSS: 0.00036
Exploits: 0 | References: 4

RedhatCVE
added 2025/08/16 11:25 a.m. | 3 views

CVE-2025-28962

Missing Authorization vulnerability in stefanoai Advanced Google Universal Analytics advanced-google-universal-analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Google Universal Analytics: from n/a through = 1.0.3...

CVSS: 6.5 | AI score: 5.9 | EPSS: 0.00067
Exploits: 0 | References: 1

BDU FSTEC
added 2025/07/23 12:0 a.m. | 2 views

The software’s vulnerability regarding access to analytics and planning tools within the IBM Analytics Content Hub, due to deficiencies in the error reporting mechanism, allows a perpetrator to gain access to confidential information.

The vulnerability of the software for accessing analytics and planning tools in the IBM Analytics Content Hub is related to deficiencies in the reporting mechanism for errors. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to confidential...

CVSS: 5.3 | AI score: 5.5 | EPSS: 0.00188
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2025/03/06 12:0 a.m. | 8 views

GitLab 17.7.0 < 17.7.6 / 17.8 < 17.8.4 / 17.9 < 17.9.1 (CVE-2025-2045)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper authorization in GitLab EE affecting all versions from 17.7 prior to 17.7.6, 17.8 prior to 17.8.4, 17.9 prior to 17.9.1 allows users with limited permissions to access potentially sensitive...

CVSS: 4.3 | AI score: 5.5 | EPSS: 0.00032
Exploits: 1 | References: 4

Tenable Nessus
added 2025/02/28 12:0 a.m. | 6 views

FreeBSD : Gitlab -- Vulnerabilities (8fb9101e-f58a-11ef-b4e4-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 8fb9101e-f58a-11ef-b4e4-2cf05da270f3 advisory. Gitlab reports: XSS in k8s proxy endpoint XSS Maven Dependency Proxy HTML injection leads to X...

CVSS: 8.7 | AI score: 8.6 | EPSS: 0.01145
Exploits: 1 | References: 6

Veracode
added 2024/10/16 8:21 a.m. | 15 views

Always-Incorrect Control Flow Implementation

gradio is vulnerable to Always-Incorrect Control Flow Implementation. The vulnerability is due to the improper handling of the enablemonitoring flag. An attacker can access sensitive application analytics by directly requesting the /monitoring endpoint...

CVSS: 4.3 | AI score: 6.5 | EPSS: 0.00158
Exploits: 0 | References: 3 | Affected Software: 1