
10 matches found

Snyk
added 2026/03/29 3:14 p.m. · 1 views

Information Exposure

Overview: parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Information Exposure via the verifyPassword endpoint. An attacker can obtain sensitive authentication data, such as MFA TOTP...

CVSS 8.2 · AI score 5.9 · EPSS 0.00073
Exploits 0 · References 2

NVD
added 2026/02/25 3:16 a.m. · 5 views

CVE-2026-27609

Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint POST /apps/:appId/agent lacks CSRF protection. An attacker can craft a malicious page that, when visited by an authenticated dashboard user, submit...

CVSS 8.3 · EPSS 0.00007
Exploits 0 · References 2

NVD
added 2024/06/28 9:15 p.m. · 13 views

CVE-2024-39302

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0 directory with the goal of privilege...

CVSS 3.7 · EPSS 0.00145
Exploits 0 · References 4

Vulnrichment
added 2024/06/28 8:51 p.m. · 13 views

CVE-2024-39302 Some bbb-record-core files installed with wrong file permission

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0 directory with the goal of privilege...

CVSS 3.7 · AI score 6.5 · EPSS 0.00145
Exploits 0 · References 4

Vulnrichment
added 2024/06/28 8:25 p.m. · 26 views

CVE-2024-38518 bbb-web API additional parameters considered

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be "role=moderator", allowing an...

CVSS 4.6 · AI score 6.8 · EPSS 0.00092
Exploits 0 · References 4

Positive Technologies
added 2024/06/28 12:0 a.m. · 2 views

PT-2024-28428 · Unknown · Bigbluebutton

Name of the Vulnerable Software and Affected Versions: BigBlueButton versions prior to 2.6.18; BigBlueButton versions prior to 2.7.8; BigBlueButton versions prior to 3.0.0-alpha.7. Description: An attacker may exploit overly elevated file permissions in the...

CVSS 3.7 · AI score 6.8 · EPSS 0.00145
Exploits 0 · References 7

NVD
added 2023/06/07 8:15 p.m. · 9 views

CVE-2023-33595

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function asciidecode at /Objects/unicodeobject.c...

CVSS 5.5 · AI score 5.5 · EPSS 0.00089
Exploits 0 · References 2

Prion
added 2023/06/07 8:15 p.m. · 9 views

Heap overflow

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function asciidecode at /Objects/unicodeobject.c...

CVSS 1.9 · AI score 5.6 · EPSS 0.00089
Exploits 0 · References 2 · Affected Software 1

Debian CVE
added 2023/06/07 12:0 a.m. · 12 views

CVE-2023-33595

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function asciidecode at /Objects/unicodeobject.c...

CVSS 5.5 · AI score 5.4 · EPSS 0.00089
Exploits 0

Cvelist
added 2023/06/07 12:0 a.m. · 14 views

CVE-2023-33595

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function asciidecode at /Objects/unicodeobject.c...

AI score 5.8 · EPSS 0.00089
Exploits 0 · References 2