Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2026/01/08 5:58 p.m.16 views

CVE-2025-68158 Authlib: 1-click Account Takeover

Authlib is a Python library which builds OAuth and OpenID Connect servers. In versions 1.0.0 through 1.6.5, cache-backed state/request-token storage is not tied to the initiating user session, so CSRF is possible for any attacker that has a valid state easily obtainable via an attacker-initiated...

5.7CVSS0.00026EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2026/01/08 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authlib is a Python library which builds OAuth and OpenID Connect servers. In versions 1.0.0 through 1.6.5, cache-backed state/request-token storage is not tied...

8.8CVSS5.8AI score0.00026EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/12/19 9:24 a.m.1 views

CVE-2025-66524 Apache NiFi: Deserialization of Untrusted Data in GetAsanaObject Processor

Apache NiFi 1.20.0 through 2.6.0 include the GetAsanaObject Processor, which requires integration with a configurable Distribute Map Cache Client Service for storing and retrieving state information. The GetAsanaObject Processor used generic Java Object serialization and deserialization without...

7.5CVSS6.2AI score0.00149EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/12/19 12:0 a.m.4 views

PT-2025-52439

Name of the Vulnerable Software and Affected Versions Apache NiFi versions 1.20.0 through 2.6.0 Description The GetAsanaObject Processor in Apache NiFi utilizes a Distribute Map Cache Client Service for state management. This processor employs Java Object serialization and deserialization without...

8.8CVSS6.3AI score0.00149EPSS
Exploits0References13
SUSE CVE
SUSE CVEadded 2023/02/15 3:53 a.m.1 views

SUSE CVE-2020-25829

An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This result...

7.5CVSS8.2AI score0.00248EPSS
Exploits0References4
OSV
OSVadded 2021/09/08 3:15 p.m.0 views

CVE-2021-1861

An issue existed in determining cache occupancy. The issue was addressed through improved logic. This issue is fixed in macOS Big Sur 11.3. A malicious website may be able to track users by setting state in a cache...

4.3CVSS5.8AI score
Exploits0References1
Xen Project
Xen Projectadded 2018/01/03 10:30 p.m.555 views

Information leak via side effects of speculative execution

ISSUE DESCRIPTION Processors give the illusion of a sequence of instructions executed one-by-one. However, in order to most efficiently use cpu resources, modern superscalar processors actually begin executing many instructions in parallel. In cases where instructions depend on the result of...

5.6CVSS7.2AI score0.9427EPSS
Exploits12
Rows per page
Query Builder