
11 matches found

Positive Technologies
added 2026/04/22 12:0 a.m. | 3 views

PT-2026-34240

OwnTone Server versions 28.4 through 29.0 contain a race condition vulnerability in the DAAP login handler that allows unauthenticated attackers to crash the server by exploiting unsynchronized access to the global DAAP session list. Attackers can flood the DAAP /login endpoint with concurrent...

CVSS 8.2 | AI score 5.8 | EPSS 0.00354
Exploits: 0 | References: 5
EUVD
added 2025/10/14 8:5 a.m. | 3 views

EUVD-2025-34146

An unauthenticated remote attacker MITM can intercept the websocket messages to gain access to the login credentials for the Webfrontend...

CVSS 6.8 | AI score 6.8 | EPSS 0.00038
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2023-54092

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.5 | EPSS 0.00063
Exploits: 1 | References: 3
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-28259

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.4 | EPSS 0.00124
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 3:57 p.m. | 4 views

CVE-2020-28096

FOSCAM FHD X1 1.14.2.4 devices allow attackers with physical UART access to login via the ipc.fos password...

CVSS 7.2 | AI score 6.8 | EPSS 0.00049
Exploits: 1
Vulnrichment
added 2025/01/11 6:17 a.m. | 7 views

CVE-2024-42170 HCL MyXalytics is affected by a session fixation vulnerability

HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session...

CVSS 6.8 | AI score 6.8 | EPSS 0.00244
Exploits: 0 | References: 1
Cvelist
added 2024/12/20 4:6 a.m. | 12 views

CVE-2024-44223

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access to a Mac may be able to view protected content from the Login Window...

EPSS 0.00114
Exploits: 0 | References: 1
CVE
added 2023/10/18 12:0 a.m. | 45 views

CVE-2023-45911

The CVE-2023-45911 entry concerns WIPOTEC GmbH ComScale versions 4.3.29.21344 to 4.4.12.723, where an authentication bypass allows unauthenticated attackers to log in as any user without a password. The issue is a login-access control vulnerability (no password required) that impacts network-expo...

CVSS 9.8 | AI score 9.3 | EPSS 0.0017
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2023/06/30 5:15 a.m. | 3 views

CVE-2023-32613

Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow a network-adjacent attacker to use functions originally available after login without logging in...

CVSS 8.1 | AI score 5.8
Exploits: 0 | References: 2
OSV
added 2022/05/17 3:22 a.m. | 1 views

GHSA-23CR-5HR4-RGWV Improper Input Validation in Apache ActiveMQ

The LDAPLoginModule implementation in the Java Authentication and Authorization Service JAAS in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. NOTE: this identifier was SPLIT from CVE-2014-361...

CVSS 7.5 | AI score 7.2 | EPSS 0.01167
Exploits: 1 | References: 6
0day.today
added 2018/02/14 12:0 a.m. | 41 views

SOA School Management - access_login SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: SOA - School Management Software with Integrated Parents/Students Portal & Mobile App - 'accesslogin' SQL Injection Dork: N/A Date: 2018-02-14 Exploit Author: Borna nematzadeh L0RD or email protected Vendor Homepage:...

AI score 7.1
Exploits: 0