Lucene search

7 matches found

Snyk
added 2026/05/04 8:11 p.m., 5 views

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the addWebhookAuthorization function. An attacker can cause excessive memory allocation by sending a large request body to the publicly accessible /api/v1/events/ endpoint,...

CVSS 8.2, AI score 5.8, EPSS 0.00054
Exploits: 1, References: 2
CVE
added 2026/01/17 8:24 a.m., 11 views

CVE-2025-14078

CVE-2025-14078 affects the PAYGENT for WooCommerce WordPress plugin (versions up to 2.4.6). The root cause is missing authorization checks in paygent_check_webhook and a paygent_permission_callback that unconditionally returns true, enabling unauthenticated attackers to forge payment callbacks an...

CVSS 5.3, AI score 5.5, EPSS 0.00157
Exploits: 0, References: 5
CNVD
added 2018/03/27 12:0 a.m., 0 views

Anymail django-anymail Information Disclosure Vulnerability

Anymail django-anymail is an open-source e-mail system that integrates multiple transactional e-mail service providers into Django. A security vulnerability exists in the WEBHOOKAUTHORIZATION setting value in Anymail django-anymail versions 0.2 through 1.3. An attacker can exploit this...

CVSS 7.4, AI score 6.7, EPSS 0.00306
Exploits: 0, References: 1
PyPA
added 2018/03/13 3:29 p.m., 5 views

PYSEC-2018-46

Anymail django-anymail versions 0.2 through 1.3 contain a CWE-532, CWE-209 vulnerability in the WEBHOOKAUTHORIZATION setting value that can result in an attacker with access to error logs fabricating email tracking events. This attack appears to be exploitable via: if you have exposed your...

CVSS 7.4, AI score 6.8, EPSS 0.00306
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2018/03/13 3:29 p.m., 0 views

UBUNTU-CVE-2018-1000089

Anymail django-anymail versions 0.2 through 1.3 contain a CWE-532, CWE-209 vulnerability in the WEBHOOKAUTHORIZATION setting value that can result in an attacker with access to error logs fabricating email tracking events. This attack appears to be exploitable via: if you have exposed your...

CVSS 7.4, AI score 7.1, EPSS 0.00306
Exploits: 0, References: 3
OSV
added 2018/02/03 9:29 p.m., 1 views

DEBIAN-CVE-2018-6596

webhooks/base.py in Anymail aka django-anymail before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOKAUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events...

CVSS 9.1, AI score 8.9, EPSS 0.00552
Exploits: 0, References: 1
OSV
added 2018/02/03 9:29 p.m., 2 views

UBUNTU-CVE-2018-6596

webhooks/base.py in Anymail aka django-anymail before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOKAUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events...

CVSS 9.1, AI score 7.4, EPSS 0.00552
Exploits: 0, References: 7