
10 matches found

EUVD
added 2026/04/10 5:32 p.m., 0 views

EUVD-2026-21047

Beszel has an IDOR in hub API endpoints that read system ID from URL parameter...

CVSS 3.5, AI score 5.8, EPSS 0.00065
Exploits: 1, References: 3

ATTACKERKB
added 2026/02/27 8:25 p.m., 2 views

CVE-2026-28288

Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify API to existing and non-existent accounts differ, allowing an attacker to enumerate email addresses registered with Dify. Version 1.9.0 fixes the issue...

CVSS 6.9, AI score 5.9, EPSS 0.00453
Exploits: 1, References: 4, Affected Software: 1

EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2023-31096

Malicious code in bioql PyPI...

CVSS 5.3, AI score 5.7, EPSS 0.00236
Exploits: 0, References: 1

OSV
added 2024/08/20 8:29 p.m., 15 views

GO-2023-1670 Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd...

CVSS 4.3, AI score 4.6, EPSS 0.01127
Exploits: 0, References: 7

0day.today
added 2021/06/04 12:00 a.m., 34 views

HealthForYou 1.11.1 / HealthCoach 2.9.2 User Enumeration Vulnerability

User enumeration through API Overview Advisory ID: TRSA-2104-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2104-01 Affected product: HealthForYou & Sanitas HealthCoach mobile and web applications Tested versions: HealthForYou 1.11.1...

AI score 7.4
Exploits: 0

Hacker One
added 2020/12/30 11:20 p.m., 26 views

h1-ctf: Grinchs website takendown with various other exploits

The HackyHolidays This is my first HackerOne CTF challenge writeup. Contents: flag1: Day 1 Check the files, robots.txt flag2: Day 2 one more : jquery.min.js flag3: Day 3 People Rater flag4: Day 4 Brute Force, Swag Shop flag5: Day 5 Brute Force, Secure Login flag6: Day 6 Brute Force, My Diary flag...

Exploits: 0

CNVD
added 2018/05/15 12:00 a.m., 1 views

ZOHO ManageEngine ServiceDesk Plus User Privilege Vulnerability

ZOHO ManageEngine ServiceDesk Plus (SDP) is an ITIL-based IT service management (ITSM) software suite from the US company ZOHO (ZhuoHao). The software integrates incident management, problem management, asset management, IT project management, procurement and contract management a...

CVSS 5.3, AI score 5.5, EPSS 0.05186
Exploits: 1, References: 1

NVD
added 2018/03/13 7:29 p.m., 11 views

CVE-2017-16250

A vulnerability in Mitel ST 14.2, release GA28 and earlier, could allow an attacker to use the API function to enumerate through user-ids which could be used to identify valid user ids and associated user names...

CVSS 5.3, AI score 5.2, EPSS 0.00232
Exploits: 0, References: 1

OSV
added 2018/03/13 7:29 p.m., 1 views

CVE-2017-16250

A vulnerability in Mitel ST 14.2, release GA28 and earlier, could allow an attacker to use the API function to enumerate through user-ids which could be used to identify valid user ids and associated user names...

CVSS 5.3, AI score 5.8, EPSS 0.00232
Exploits: 0, References: 1

OSV
added 2017/11/17 5:29 a.m., 1 views

CVE-2017-1000226

Stop User Enumeration 1.3.8 allows user enumeration via the REST API...

CVSS 5.3, AI score 5.8
Exploits: 0, References: 1