Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesadded 2026/04/20 12:0 a.m.2 views

PT-2026-33733

A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse openai plugin json to tool bundle of the file api/core/tools/utils/parser.py of the component ApiBasedToolSchemaParser. Executing a manipulation of the argument url can lead to server-side request forgery...

6.5CVSS6.1AI score0.00043EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2025/12/09 5:19 p.m.6 views

Filament multi-factor authentication (app) recovery codes can be used multiple times

Summary A flaw in the handling of recovery codes for app-based multi-factor authentication allows the same recovery code to be reused indefinitely. This issue does not affect email-based MFA. It also only applies when recovery codes are enabled. Impact If an attacker gains access to both the user...

8.1CVSS7.2AI score0.00065EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2024/07/09 12:0 a.m.3 views

PT-2024-29027 · Linksys · Linksys Velop Pro 6E

Name of the Vulnerable Software and Affected Versions: Linksys Velop Pro 6E version 1.0.8 Linksys Velop Pro 6E version 1.0.10.215314 Description: The issue concerns Linksys Velop Pro 6E devices sending cleartext Wi-Fi passwords over the public Internet during app-based installation...

5.3CVSS7.3AI score0.00039EPSS
Exploits0References6
ThreatPost
ThreatPostadded 2020/07/09 9:3 p.m.54 views

Microsoft Warns on OAuth Attacks Against Cloud App Users

Against the backdrop of widespread remote working and the increased use of collaboration apps, attackers are ramping up application-based attacks that exploit OAuth 2.0, Microsoft is warning. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services...

7.6AI score
Exploits0References7
Microsoft Secure
Microsoft Secureadded 2020/07/08 4:0 p.m.25 views

Protecting your remote workforce from application-based attacks like consent phishing

The global pandemic has dramatically shifted how people work. As a result, organizations around the world have scaled up cloud services to support collaboration and productivity from home. We’re also seeing more apps leverage Microsoft’s identity platform to ensure seamless access and integrated...

7AI score
Exploits0
Citrix
Citrixadded 2017/03/15 12:0 a.m.9 views

Managing Printer Deployment Using Layers in the Unidesk Environment

While many brokering and persona management solutions provide mechanisms to manage printer deployment, you might find it easier to use Unidesk layers. Unidesk layers provide a flexible mechanism for managing printer deployments for different groups of users. When you use Unidesk layers to deploy...

6.9AI score
Exploits0
ThreatPost
ThreatPostadded 2010/11/09 5:39 p.m.11 views

Malicious URLs Pose Mobile Hijacking Risk

The security of mobile devices may be at risk for Web borne attacks because of loose policies for processing URLs Uniform Resource Locators, according to a report by security researcher Nitesh Dhajani. Writing on the SANS Application Security Blog, Dhanjani said that that way the iPhone’s operati...

6.8AI score
Exploits0References4
Rows per page
Query Builder