Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Vulnrichment
Vulnrichmentadded 2026/04/20 9:0 a.m.3 views

CVE-2025-13480 Incorrect authorization in Fudo Enterprise

Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings. This vulnerability has been...

5.1CVSS5.7AI score0.00059EPSS
Exploits0References3
GithubExploit
GithubExploitadded 2026/04/13 6:49 p.m.133 views

Exploit for Improper Access Control in Fortinet Forticlientems

CVE-2026-35616 - FortiClient EMS Pre-Authentication API Bypass...

9.8CVSS6.5AI score0.34753EPSS
Exploits7
OSV
OSVadded 2026/01/20 8:52 p.m.1 views

GHSA-GFPW-JGVR-CW4J Fleet Windows MDM endpoint has a Cross-site Scripting vulnerability

Summary A cross-site scripting XSS vulnerability in Fleet’s Windows MDM authentication flow could allow an attacker to compromise a Fleet user account. In certain cases, this could lead to administrative access and the ability to perform privileged actions on managed devices. Impact If Windows MD...

5.5CVSS5.3AI score0.00047EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/08/22 12:22 a.m.9 views

CVE-2025-50904

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 2025-06-11. An attacker can exploit this vulnerability to access /admin/ API without any token...

9.8CVSS7.4AI score0.00117EPSS
Exploits1References1
Veracode
Veracodeadded 2022/04/07 6:29 a.m.4 views

Information Disclosure

github.com/ipfs/go-ipfs is vulnerable to information disclosure. The vulnerability exists in docker-compose.yaml because the resulting list of listeners when running IPFS are either public or bound to public IPs which allows an attacker to gain admin API access to the IPFS node and control user...

6.9AI score
Exploits0
OSV
OSVadded 2020/04/12 5:15 p.m.3 views

CVE-2020-11710

An issue was discovered in docker-kong for Kong through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argue that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1 Inaccurate Bug Scope - The issue scope was...

9.8CVSS9.3AI score
Exploits0References4
RedHat Linux
RedHat Linuxadded 2012/10/16 5:17 p.m.2 views

Keystone: Lack of authorization for adding users to tenants

OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex 2012.1, allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly...

5.8CVSS5.9AI score0.01949EPSS
Exploits1References4
Rows per page
Query Builder