Lucene search
8 matches found

RedhatCVE
added 2025/07/23 9:33 p.m. | 4 views

CVE-2025-7938

A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical. This issue affects the function updateGoods of the file GoodsController.java. The manipulation leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to th...

CVSS 5.3 | AI score 4.6 | EPSS 0.0032
Exploits: 1 | References: 1
BDU FSTEC
added 2025/06/04 12:0 a.m. | 2 views

The vulnerability of the org.xwiki.platform:xwiki-platform-security-authorization-bridge package in the XWiki Platform, a platform for creating collaborative web applications, allows a perpetrator to execute arbitrary code.

The vulnerability of the org.xwiki.platform:xwiki-platform-security-authorization-bridge package in the XWiki Platform framework is related to improper authorization. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 6.5 | AI score 5.9 | EPSS 0.0078
Exploits: 1 | References: 4 | Affected Software: 1
Vulnrichment
added 2025/03/24 5:42 p.m. | 8 views

CVE-2025-22223

Spring Security 6.4.0 - 6.4.3 may not correctly locate method security annotations on parameterized types or methods. This may cause an authorization bypass. You are not affected if you are not using @EnableMethodSecurity, or you do not have method security annotations on parameterized types or...

CVSS 5.3 | AI score 7.2 | EPSS 0.00466
Exploits: 0 | References: 1
CVE
added 2025/03/24 5:42 p.m. | 267 views

CVE-2025-22223

Spring Security 6.4.0–6.4.3 may fail to locate method security annotations on parameterized types or methods, potentially bypassing authorization. IBM/WatsonX data shows affected product watsonx.data (2.1.3) with remediation to upgrade to watsonx.data 2.2 or CPD 5.2; IBM Maximo AI Broker also lis...

CVSS 5.3 | AI score 7.2 | EPSS 0.00466
Exploits: 0 | References: 1
Tenable Nessus
added 2023/11/15 12:0 a.m. | 14 views

Atlassian Confluence Improper Authorization

Atlassian Confluence Server and Atlassian Confluence Data Center prior to 7.19.16 or 7.20.x prior to 8.3.4 or 8.4.x prior to 8.4.4 and 8.5.x prior to 8.5.3 are affected by an Improper Authorization. This vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence...

CVSS 10 | AI score 7.3 | EPSS 0.99999
Exploits: 14 | References: 3
Cvelist
added 2021/10/08 3:15 p.m. | 14 views

CVE-2021-41975 Tad TadTools - Improper Authorization

TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files in the system without logging in...

CVSS 7.5 | AI score 9.4 | EPSS 0.01298
Exploits: 0 | References: 1
Prion
added 2021/10/04 6:15 a.m. | 25 views

Authorization

Cobbler before 3.3.0 allows authorization bypass for modification of settings...

CVSS 5 | AI score 7.5 | EPSS 0.01307
Exploits: 0 | References: 2 | Affected Software: 1
NVD
added 2016/01/13 3:59 p.m. | 15 views

CVE-2015-8466

Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header...

CVSS 7.4 | AI score 7.3 | EPSS 0.02013
Exploits: 0 | References: 5