7 matches found

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2024-27275

Malicious code in bioql PyPI...

5.6 CVSS, 6.3 AI score, 0.0023 EPSS
Exploits 0, References 4
Positive Technologies
added 2025/06/23 12:0 a.m., 2 views

PT-2025-26582

Name of the Vulnerable Software and Affected Versions: WSO2 products affected versions not specified Description: An incorrect authorization issue exists, allowing unauthorized access to versioned files stored in the registry. This is due to flawed authorization logic, which can be exploited by a...

4.3 CVSS, 5.8 AI score, 0.00145 EPSS
Exploits 0, References 5
NVD
added 2025/05/30 3:15 p.m., 10 views

CVE-2024-7097

An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows user account creation regardless of the self-registration configuration settings. This vulnerability enables malicious actors to create new user accounts without proper...

4.3 CVSS, 0.25144 EPSS
Exploits 0, References 1
Snyk
added 2025/05/22 7:42 p.m., 3 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication due to an implementation flaw that allows an invalid object to be processed. An attacker can compromise the integrity of the authentication process by circumventing the client verification mechanism. Remediation...

8.8 CVSS, 7.1 AI score, 0.00175 EPSS
Exploits 0, References 2
Github Security Blog
added 2025/02/27 6:30 a.m., 17 views

WSO2 incorrect authorization vulnerability

An incorrect authorization vulnerability exists in multiple WSO2 products, allowing protected APIs to be accessed directly using a refresh token instead of the expected access token. Due to improper authorization checks and token mapping, session cookies are not required for API access, potential...

5.6 CVSS, 6.9 AI score, 0.0023 EPSS
Exploits 0, References 4, Affected Software 2
Imperva Blog
added 2024/01/31 2:3 p.m., 52 views

Imperva uncovers new Indicators of Compromise for FBI and CISA-flagged AndroxGh0st botnet

On January 16, a joint alert from FBI and CISA warned about a concerning development: the emergence of a botnet driven by AndroxGh0st malware targeting vulnerable applications and web servers. AndroxGh0st is a Python-based malware, first seen in late 2022, designed to target Laravel .env files an...

10 CVSS, 8 AI score, 0.94434 EPSS
Exploits216
NCSC
added 2022/04/25 12:0 a.m., 4 views

Vulnerability fixed in WSO2 products

A serious vulnerability has been fixed in several products of WSO2. A malicious person with access to the network can exploit the vulnerability to execute arbitrary code or gain access to sensitive data. Public exploit code is available. This exploit code allows a remote malicious par...

10 CVSS, 7.5 AI score, 0.94434 EPSS
Exploits22