Lucene search
1994 matches found

Tenable Nessus
added 2025/08/27 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-39945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in the GitLab CE/EE API affecting all versions starting from 9.4 before 14.3.6, all versions starting from 14.4 before 14.4.4, all...

CVSS 4 | AI score 4.8 | EPSS 0.00244
Exploits 0 | References 2
Tenable Nessus
added 2025/08/27 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2020-13230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account e.g., permission to view logs...

CVSS 4.3 | AI score 6.7 | EPSS 0.00799
Exploits 1 | References 2
Tenable Nessus
added 2025/08/27 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-19270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry checking twice for subject, rather...

CVSS 7.5 | AI score 6.3 | EPSS 0.00198
Exploits 0 | References 2
Github Security Blog
added 2025/08/26 4:19 p.m. | 7 views

traQ Allows Insertion of Sensitive Information into Log File

Impact: A vulnerability exists where sensitive information, such as OAuth tokens, is recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an SQL error by methods such as placing a high load on the database. This could allow an...

CVSS 5.9 | AI score 6.8 | EPSS 0.00116
Exploits 0 | References 7 | Affected Software 1
Tenable Nessus
added 2025/08/24 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2018-1000211

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Doorkeeper version 4.2.0 and later contains an Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access token...

CVSS 7.5 | AI score 7.2 | EPSS 0.00265
Exploits 0 | References 2
Tenable Nessus
added 2025/08/18 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-13299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could...

CVSS 8.1 | AI score 7.6 | EPSS 0.00186
Exploits 0 | References 2
Tenable Nessus
added 2025/08/18 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-5255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked. CVE-2023-5255 Note that...

CVSS 7.5 | AI score 7.1 | EPSS 0.0015
Exploits 0 | References 2
OSSF Malicious Packages
added 2025/08/14 6:52 p.m. | 2 views

Malicious code in vc-revocation-list-2020-context (npm)

The package vc-revocation-list-2020-context was found to contain malicious code...

AI score 7
Exploits 0
OSV
added 2025/08/14 6:52 p.m. | 1 views

MAL-2025-38166 Malicious code in vc-revocation-list-2020-context (npm)

The package vc-revocation-list-2020-context was found to contain malicious code...

AI score 7.2
Exploits 0
Tenable Nessus
added 2025/08/12 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-51491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during...

CVSS 3.3 | AI score 6.9 | EPSS 0.00035
Exploits 1 | References 2
Tenable Nessus
added 2025/08/10 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2017-7374

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service NULL pointer dereference or possibl...

CVSS 7.8 | AI score 6.3 | EPSS 0.00354
Exploits 0 | References 2
Tenable Nessus
added 2025/08/10 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-56138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during...

CVSS 4 | AI score 6.9 | EPSS 0.00008
Exploits 0 | References 2
Tenable Nessus
added 2025/08/09 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-40617

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity and intermediate CA...

CVSS 7.5 | AI score 9.1 | EPSS 0.00222
Exploits 0 | References 2
Tenable Nessus
added 2025/08/06 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-36425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CR...

CVSS 5.3 | AI score 6 | EPSS 0.00592
Exploits 1 | References 2
Tenable Nessus
added 2025/08/06 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-26957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate...

CVSS 6.5 | AI score 7.5 | EPSS 0.00116
Exploits 0 | References 2
Packet Storm News
added 2025/07/22 12:0 a.m. | 2 views

Building a Robust OAuth Token Based API Security: a High Level Overview

APIs Application Programming Interfaces or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and scalable solutions for secure authentication and authorization...

AI score 7
Exploits 0
CVE
added 2025/06/17 2:31 p.m. | 17 views

CVE-2025-4754

CVE-2025-4754 describes an Insufficient Session Expiration vulnerability in ash_authentication_phoenix (ash-project) that enables session hijacking. Affected component: lib/ash_authentication_phoenix/controller.ex; affected until version 2.10.0. Reported impact includes tokens remaining valid aft...

CVSS 2.3 | AI score 6.6 | EPSS 0.00453
Exploits 0 | References 5
Cvelist
added 2025/06/17 2:31 p.m. | 5 views

CVE-2025-4754 Missing Session Revocation on Logout in ash_authentication_phoenix

Insufficient Session Expiration vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking. This vulnerability is associated with program files lib/ash_authentication_phoenix/controller.ex. This issue affects ash_authentication_phoenix until 2.10.0...

CVSS 2.3 | EPSS 0.00453
Exploits 0 | References 5
OSV
added 2025/06/17 2:31 p.m. | 2 views

EEF-CVE-2025-4754 Missing Session Revocation on Logout in ash_authentication_phoenix

Summary: Insufficient Session Expiration vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking. This vulnerability is associated with program files lib/ash_authentication_phoenix/controller.ex. This issue affects ash_authentication_phoenix until 2.10.0...

CVSS 2.3 | AI score 5.8 | EPSS 0.00453
Exploits 0 | References 5
Vulnrichment
added 2025/06/17 2:31 p.m. | 2 views

CVE-2025-4754 Missing Session Revocation on Logout in ash_authentication_phoenix

Insufficient Session Expiration vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking. This vulnerability is associated with program files lib/ash_authentication_phoenix/controller.ex. This issue affects ash_authentication_phoenix until 2.10.0...

CVSS 2.3 | AI score 6.6 | EPSS 0.00453
Exploits 0 | References 5