
46 matches found

RedhatCVE • added 2026/01/07 9:12 a.m. • 20 views

CVE-2025-1908

An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

7.7 CVSS • 6.5 AI score • 0.0034 EPSS
Exploits 1 • References 1

EUVD • added 2025/10/03 8:7 p.m. • 3 views

EUVD-2025-12125

Malicious code in bioql PyPI...

7.7 CVSS • 6.3 AI score • 0.0034 EPSS
Exploits 1 • References 3

EUVD • added 2025/10/03 8:7 p.m. • 4 views

EUVD-2022-36161

Malicious code in bioql PyPI...

9.8 CVSS • 9.2 AI score • 0.00825 EPSS
Exploits 1 • References 2

GithubExploit • added 2025/07/21 12:34 p.m. • 115 views

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclaimer This c...

10 CVSS • 9.2 AI score • 0.94955 EPSS
Exploits 16

RedhatCVE • added 2025/05/22 11:0 p.m. • 10 views

CVE-2022-33106

WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over...

9.8 CVSS • 7.3 AI score • 0.00825 EPSS
Exploits 1 • References 1

RedhatCVE • added 2025/05/22 9:36 p.m. • 10 views

CVE-2021-43991

The Kentico Xperience CMS version 13.0 – 13.0.43 is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability, also known as Stored or Second-Order XSS. Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous...

6.8 CVSS • 5.2 AI score • 0.00545 EPSS
Exploits 1

OSV • added 2025/04/26 6:31 a.m. • 16 views

BIT-GITLAB-2025-1908 Business Logic Errors in GitLab

An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

7.7 CVSS • 7.1 AI score • 0.0034 EPSS
Exploits 1 • References 3

Vulnrichment • added 2025/04/24 7:30 a.m. • 10 views

CVE-2025-1908 Business Logic Errors in GitLab

An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

7.7 CVSS • 6.5 AI score • 0.0034 EPSS
Exploits 1 • References 2

CVE • added 2025/04/24 7:30 a.m. • 79 views

CVE-2025-1908

GitLab CVE-2025-1908 affects GitLab EE/CE. The issue could allow an attacker to track users' browsing activities, potentially enabling full account takeover. Affected versions are 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1. Root-cause details and remediation/fix informatio...

7.7 CVSS • 6.8 AI score • 0.0034 EPSS
Exploits 1 • References 2 • Affected Software 1

Tenable Nessus • added 2025/04/24 12:0 a.m. • 20 views

GitLab 16.6 < 17.9.7 / 17.10 < 17.10.5 / 17.11 < 17.11.1 (CVE-2025-1908)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before...

7.7 CVSS • 5.5 AI score • 0.0034 EPSS
Exploits 1 • References 4

Cvelist • added 2024/09/03 10:2 a.m. • 18 views

CVE-2024-45586 Account Take Over Vulnerability

This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...

9.2 CVSS • 0.00432 EPSS
Exploits 0 • References 1

GithubExploit • added 2024/08/21 4:14 a.m. • 155 views

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclaimer This co...

10 CVSS • 9.2 AI score • 0.94955 EPSS
Exploits 16

0day.today • added 2024/02/13 12:0 a.m. • 455 views

Lost and Found Information System v1.0 - ( IDOR ) leads to Account Take over Exploit

Exploit Title: Lost and Found Information System v1.0 - idor leads to Account Take over Exploit Author: OR4NG.M4N Category : webapps CVE : CVE-2023-38965 Python p0c : import argparse import requests import time parser = argparse.ArgumentParserdescription='Send a POST request to the target server'...

9.8 CVSS • 7.4 AI score • 0.01264 EPSS
Exploits 4

GithubExploit • added 2024/01/23 10:37 a.m. • 261 views

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclaimer This co...

10 CVSS • 9.2 AI score • 0.94955 EPSS
Exploits 16

Veracode • added 2024/01/17 7:8 p.m. • 21 views

Account Take Over

gitlab is vulnerable to Account Take Over. The vulnerability is caused due to a missing validation of email addresses provided while resetting account passwords. An attacker can exploit this vulnerability to send reset emails to an unverified email address and can effectively reset the...

10 CVSS • 7 AI score • 0.94955 EPSS
Exploits 16 • References 5 • Affected Software 1

GithubExploit • added 2024/01/12 6:29 p.m. • 455 views

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclaimer This co...

10 CVSS • 9.2 AI score • 0.94955 EPSS
Exploits 16

Malwarebytes • added 2023/08/18 7:15 p.m. • 19 views

Attackers demand ransoms for stolen LinkedIn accounts

An ongoing campaign targeting LinkedIn accounts has led to victims losing control of their accounts, or being locked out following repeated login attempts. Whether the attackers are using brute force methods or credential stuffing isn't known, but because some victims are being locked out...

7.1 AI score
Exploits 0

Packet Storm • added 2023/05/01 12:0 a.m. • 335 views

Old Age Home Management 1.0 SQL Injection

Title: Old Age Home Management-2022-2023-1.0 SQLi-Bypass-Authentication-Account-Take-Over Author: nu11secur1ty Date: 04.29.2023 Vendor: BY ANUJ KUMAR, https://phpgurukul.com/author/anujk305/ Software: https://phpgurukul.com/old-age-home-management-system-using-php-and-mysql/googlevignette...

6.9 AI score
Exploits 0

NVD • added 2022/10/12 2:15 p.m. • 30 views

CVE-2022-33106

WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over...

9.8 CVSS • 0.00825 EPSS
Exploits 1 • References 2

Prion • added 2022/10/12 2:15 p.m. • 14 views

Default credentials

WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over...

7.5 CVSS • 9.5 AI score • 0.00825 EPSS
Exploits 1 • References 2