
47 matches found

OSV
added 2023/07/12 12:31 p.m. | 2 views

GHSA-47R2-PHR8-M8CP Apache Pulsar Broker Improper Authentication vulnerability

Improper Authentication vulnerability in Apache Software Foundation Apache Pulsar Broker allows a client to stay connected to a broker after authentication data expires if the client connected through the Pulsar Proxy when the broker is configured with authenticateOriginalAuthData=false or if a...

CVSS 6.5 | AI score 5.9 | EPSS 0.00722
Exploits: 0 | References: 3
SUSE CVE
added 2023/02/15 3:26 a.m. | 4 views

SUSE CVE-2022-27776

An insufficiently protected credentials vulnerability fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number...

CVSS 4.3 | AI score 7.6 | EPSS 0.03425
Exploits: 1 | References: 60
CNNVD
added 2022/10/31 12:0 a.m. | 3 views

PHP Point of Sale security vulnerability

PHP Point of Sale is an online point of sale system for small retail businesses by PHP Point of Sale, Inc. A security vulnerability exists in PHP Point of Sale LLC version 19.0 that stems from the application's susceptibility to the disclosure of authenticated information, which can be exploited ...

CVSS 4.9 | AI score 5.5 | EPSS 0.00368
Exploits: 0 | References: 3
Cvelist
added 2022/05/17 8:18 p.m. | 21 views

CVE-2022-1361 Cambium Networks cnMaestro SQL Injection

The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user’s accounts and devices...

CVSS 7.4 | AI score 7.9 | EPSS 0.00857
Exploits: 0 | References: 1
Cvelist
added 2022/03/23 8:20 p.m. | 25 views

CVE-2022-24757 Sensitive Auth & Cookie data stored in Jupyter server logs

The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications. Prior to version 1.15.4, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are...

CVSS 7.5 | AI score 7.7 | EPSS 0.01207
Exploits: 0 | References: 2
Huntr
added 2022/02/12 5:2 p.m. | 87 views

Insecure Storage of Sensitive Information in chatwoot/chatwoot

BUG: Stored XSS via referer URL allows hijacking the victim's access token. STEP TO REPRODUCE: 1. From admin account go to https://app.chatwoot.com/app/accounts/42689/settings/inboxes/list and create an inbox of type website. Now get your configuration script from this inbox and...

CVSS 4.9 | AI score 5.6 | EPSS 0.00614
Exploits: 1
BDU FSTEC
added 2019/11/14 12:0 a.m. | 3 views

The vulnerability in the implementation of the interaction protocol between the “ARM Reliezer” software and the “Server Communication” software of the EKRASMS-SP software suite allows a perpetrator to recover the password.

The vulnerability of the implementation of the interaction protocol between the “ARM Reliezer” software and the “Server Communication” software of the EKRASMS-SP suite lies in the absence of a hashing mechanism, as well as the presence of pre-set authentication data used for encrypting passwords...

CVSS 6.1 | AI score 5.5
Exploits: 0 | Affected Software: 3