Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.3 views

CVE-2026-32865

OPEXUS eComplaint and eCASE before version 10.1.0.0 include the secret verification code in the HTTP response when requesting a password reset via 'ForcePasswordReset.aspx'. An attacker who knows an existing user's email address can reset the user's password and security questions. Existing...

9.8CVSS5.9AI score0.00307EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2528

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00881EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-8295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary...

5.9CVSS6.7AI score0.26699EPSS
Exploits7References2
RedhatCVE
RedhatCVE
added 2025/08/15 2:20 p.m.19 views

CVE-2025-54791

OMERO.web provides a web based client and plugin infrastructure. Prior to version 5.29.2, if an error occurred when resetting a user's password using the Forgot Password option in OMERO.web, the error message displayed on the Web page can disclose information about the user. This issue has been...

5.3CVSS7AI score0.00244EPSS
Exploits0References1
OSV
OSV
added 2025/08/13 6:47 p.m.3 views

GHSA-GPMG-4X4G-MR5R OMERO.web displays unecessary user information when requesting password reset

Background If an error occurred when resetting a user's password using the Forgot Password option in OMERO.web, the error message displayed on the Web page can disclose information about the user. Impact OMERO.web before 5.29.1 Patches User should upgrade to 5.29.2 or higher Workarounds Disable t...

5.3CVSS6AI score0.00244EPSS
Exploits0References4
NVD
NVD
added 2025/08/13 2:15 p.m.8 views

CVE-2025-54791

OMERO.web provides a web based client and plugin infrastructure. Prior to version 5.29.2, if an error occurred when resetting a user's password using the Forgot Password option in OMERO.web, the error message displayed on the Web page can disclose information about the user. This issue has been...

5.3CVSS0.00244EPSS
Exploits0References2
OSV
OSV
added 2019/06/06 7:29 p.m.4 views

CVE-2019-3579

MyBB 1.8.19 allows remote attackers to obtain sensitive information because it discloses the username upon receiving a password-reset request that lacks the code parameter...

5.3CVSS6.2AI score0.0153EPSS
Exploits0References2
Rows per page
Query Builder