Lucene search
K

88 matches found

CVE
CVE
added 2026/05/29 2:27 a.m.27 views

CVE-2026-8995

The affected product is the Poll Maker plugin for WordPress (by AYS), vulnerable in versions up to 6.3.7. The flaw resides in the AJAX action ays_poll_get_user_information, which lacks proper access controls and returns the full WP_User object (including password hash, email, login, registration ...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 6:45 p.m.13 views

Malicious code in qr-code-styling-temp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 004a5cc51cc0e38448c56189fb4437ad113eec163f7ae1a7692b88d6aed71182 The package's install lifecycle script node index.js and its main entry both load lib/core.js, which reads os.userInfo.username, os.hostname, and the...

5.8AI score
Exploits0References2
EUVD
EUVD
added 2026/05/15 12:30 a.m.19 views

EUVD-2026-30494

Hedera Guardian through 3.5.1 contains an authentication bypass vulnerability in the GET /api/v1/demo/registered-users endpoint that allows unauthenticated attackers to retrieve sensitive user information. Attackers can access the endpoint without providing authentication credentials to obtain...

6.9CVSS5.8AI score0.00356EPSS
Exploits0References3
CVE
CVE
added 2026/03/19 11:10 p.m.13 views

CVE-2026-29108

SuiteCRM vulnerable prior to 8.9.3 via an authenticated API endpoint that can reveal detailed user data including password hashes and MFA configuration for any user. Root cause: exposed information in the API when queried by an authenticated user. Impact: potential to crack stored password hashes...

6.5CVSS5.8AI score0.00306EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.7 views

PT-2026-2486

Name of the Vulnerable Software and Affected Versions Hubert Imoveis e Administracao Ltda Hub v2.0 version 1.27.3 Description The software contains insecure permissions that allow authenticated attackers with low-level privileges to access other users' information through a specially crafted API...

6.5CVSS5.4AI score0.00364EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/01/07 9:42 a.m.16 views

CVE-1999-0612

A version of finger is running that exposes valid user information to any entity on the network...

6.5AI score0.68185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:39 a.m.10 views

CVE-1999-0626

A version of rusers is running that exposes valid user information to any entity on the network...

6.6AI score0.01376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/12 8:15 p.m.4 views

CVE-2021-47717

IntelliChoice eFORCE Software Suite 2.5.9 contains a username enumeration vulnerability that allows attackers to enumerate valid users by exploiting the 'ctl00$MainContent$UserName' POST parameter. Attackers can send requests with valid usernames to retrieve user information...

6.9CVSS6.8AI score0.00301EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 8:40 p.m.14 views

CVE-2021-47717

CVE-2021-47717 affects IntelliChoice eFORCE Software Suite 2.5.9. The vulnerability is a username enumeration flaw exploited via the POST parameter ctl00$MainContent$UserName, allowing an attacker to determine valid usernames and potentially retrieve user information. Root cause is improper handl...

6.9CVSS6.4AI score0.00301EPSS
Exploits0References4
NVD
NVD
added 2025/11/04 2:15 p.m.4 views

CVE-2025-41343

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'email' in '/backend/api/users/searchUserByEmail.php'...

8.7CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added 2025/11/04 2:15 p.m.6 views

CVE-2025-41337

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarSSOParametros.php'...

8.7CVSS0.00293EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-0820

Malware in sbrugna...

1.9CVSS6.4AI score0.00437EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-1999-0609

Malware in sbrugna...

6.4AI score0.01376EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-15057

Malware in sbrugna...

7.5CVSS7.4AI score0.01276EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-37611

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00607EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33496

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00184EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-17050

Malicious code in bioql PyPI...

6.5CVSS8.8AI score0.00391EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-53461

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0031EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-48075

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00456EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-1957

Malicious code in bioql PyPI...

4.7CVSS4.8AI score0.00278EPSS
Exploits0References7
Rows per page
Query Builder