
1483 matches found

Cvelist
added 2025/12/30 10:41 p.m. | 25 views

CVE-2022-50800 H3C SSL VPN n/a Username Enumeration via Login Script Credential Verification

H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usernames through the 'txtUsrName' POST parameter. Attackers can submit different usernames to the loginsubmit.cgi endpoint and analyze response messages to distinguish between existing and non-existing...

CVSS 7.5 | EPSS 0.00045
Exploits 1 | References 4

NVD
added 2025/12/09 6:16 p.m. | 4 views

CVE-2025-62631

An insufficient session expiration vulnerability CWE-613 vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's passwor...

CVSS 5.6 | EPSS 0.00014
Exploits 0 | References 1

Positive Technologies
added 2025/12/09 12:0 a.m. | 3 views

PT-2025-50125

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 6.4, 7.0, 7.2, and 7.4.0 Description An insufficient session expiration exists in Fortinet FortiOS. Specifically, an active SSLVPN session may not terminate after a user’s password change under certain conditions. Thi...

CVSS 5.6 | AI score 6.7 | EPSS 0.00014
Exploits 0 | References 3

Positive Technologies
added 2025/11/23 12:0 a.m. | 2 views

PT-2025-47902

CVE-2025-13197 - CVE-2022-42363: SonicWall SSL-VPN Cross-Site Request Forgery CSRF CVE ID : CVE-2025-13197 Published : Nov. 22, 2025, 11:15 p.m. | 3 hours, 26 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA...

AI score 6
Exploits 0 | References 1

RedhatCVE
added 2025/11/21 12:31 p.m. | 4 views

CVE-2025-40601

A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS, which could cause an impacted firewall to crash...

CVSS 7.5 | AI score 7.4 | EPSS 0.00045
Exploits 0 | References 1

CNNVD
added 2025/11/20 12:0 a.m. | 2 views

SonicWALL SonicOS SSLVPN Security Vulnerability

SonicWALL SonicOS SSLVPN is a virtual private network for secure remote access from SonicWALL USA. A security vulnerability exists in SonicWALL SonicOS SSLVPN that stems from a stack-based buffer overflow that could lead to a denial of service attack...

CVSS 7.5 | AI score 7.7 | EPSS 0.00045
Exploits 0 | References 1

SonicWall
added 2025/11/19 11:35 a.m. | 9 views

SonicOS SSLVPN Pre-Auth Stack-Based Buffer Overflow Vulnerability

A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS, which could cause an impacted firewall to crash. SonicWall PSIRT is not aware of active exploitation in the wild. No reports of a PoC have been made...

CVSS 7.5 | AI score 7.2 | EPSS 0.00045
Exploits 0

VulnCheck KEV
added 2025/10/23 12:0 a.m. | 2 views

VulnCheck KEV: CVE-2022-1703

Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management interface allows a remote authenticated attacker to inject OS Commands which potentially leads to remote command execution vulnerability or denial of service DoS attack...

CVSS 9 | AI score 6 | EPSS 0.04079
In wild | Exploits 0 | References 2

VulnCheck KEV
added 2025/10/23 12:0 a.m. | 2 views

VulnCheck KEV: CVE-2023-5970

Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass...

CVSS 8.8 | AI score 5.8 | EPSS 0.00567
In wild | Exploits 0 | References 2

Tenable Nessus
added 2025/10/15 12:0 a.m. | 4 views

Fortinet Fortigate Authenticated Heap Overflow in SSL-VPN bookmarks (FG-IR-25-756)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-756 advisory. - An Heap-based Buffer Overflow vulnerability CWE-122 in FortiOS version 7.6.2 and below, version 7.4.7 and below, version...

CVSS 8.8 | AI score 5.8 | EPSS 0.00062
Exploits 0 | References 2

EUVD
added 2025/10/14 6:30 p.m. | 5 views

EUVD-2025-34237

An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL VPN 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4 all versions may allow a remote attacker e.g. a former admin whose account was removed and whose session was terminated in possessi...

CVSS 4.8 | AI score 6.4 | EPSS 0.00046
Exploits 1 | References 2

Cvelist
added 2025/10/14 3:23 p.m. | 6 views

CVE-2025-25252

An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL VPN 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4 all versions may allow a remote attacker e.g. a former admin whose account was removed and whose session was terminated in possessi...

CVSS 4.8 | EPSS 0.00046
Exploits 1 | References 1

CVE
added 2025/10/14 3:23 p.m. | 11 views

CVE-2025-25252

This CVE (CVE-2025-25252) concerns an Insufficient Session Expiration (CWE-613) in FortiOS SSL VPN across multiple major releases, allowing a remote attacker with a valid SAML session record (e.g., a former admin) to access or reopen that session via re-use of the SAML record. A public POC exists...

CVSS 6.5 | AI score 6.5 | EPSS 0.00046
Exploits 1 | References 1 | Affected Software 1

Positive Technologies
added 2025/10/14 12:0 a.m. | 4 views

PT-2025-41947

Name of the Vulnerable Software and Affected Versions FortiOS versions 7.6.0 through 7.6.2 FortiOS versions 7.4.0 through 7.4.6 FortiOS versions 7.2.0 through 7.2.10 FortiOS versions 7.0.0 through 7.0.16 FortiOS version 6.4 Description An insufficient session expiration issue exists in FortiOS SS...

CVSS 4.8 | AI score 6.7 | EPSS 0.00046
Exploits 1 | References 3

Tenable Nessus
added 2025/10/14 12:0 a.m. | 8 views

Fortinet Fortigate Insufficient Session Expiration in SSLVPN using SAML authentication (FG-IR-24-487)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-487 advisory. - An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL VPN 7.6.0 through 7.6.2... CVE-2025-25252 Note that...

CVSS 6.5 | AI score 5.5 | EPSS 0.00046
Exploits 1 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2008-0922

Malware in sbrugna...

CVSS 6.4 | AI score 6.4 | EPSS 0.00381
Exploits 0 | References 6

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2006-5379

Malware in sbrugna...

CVSS 2.1 | AI score 6.4 | EPSS 0.00079
Exploits 0 | References 4

EUVD
added 2025/10/07 12:30 a.m. | 20 views

EUVD-2016-3184

Malware in sbrugna...

CVSS 5.9 | AI score 5.8 | EPSS 0.00392
Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2014-3750

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.00182
Exploits 0 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2019-4268

Malware in sbrugna...

CVSS 7.7 | AI score 6.9 | EPSS 0.00995
Exploits 0 | References 2