Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

75 matches found

Cvelist
Cvelistadded 5 days ago34 views

CVE-2026-46579 Openshift/router: openshift/router: mtls client certificate spoofing via unstripped x-ssl-client headers on http frontend

A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...

7.4CVSS0.00038EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/04/15 11:15 p.m.1 views

CVE-2026-40193

maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ldap module where user-supplied usernames are interpolated into LDAP search filters and DN strings via strings.ReplaceAll without any LDAP filter escaping, despite the...

8.2CVSS5.9AI score0.00056EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/02 12:0 a.m.2 views

PT-2026-29940

Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField in github.com/traefik/traefik...

5CVSS5.9AI score0.00023EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2026/03/31 6:53 a.m.2 views

Security information for Hitachi Disk Array Systems

Overview CVE-2026-20846 | GDI+ Denial of Service Vulnerability CVE-2026-21222 | Windows Kernel Information Disclosure Vulnerability CVE-2026-21231 | Windows Kernel Elevation of Privilege Vulnerability CVE-2026-21234 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability...

8.8CVSS6.8AI score0.24963EPSS
Exploits9References25
CVE
CVEadded 2026/03/25 4:14 p.m.3 views

CVE-2026-32492

CVE-2026-32492 is reported in Wordfence for the WordPress plugin My Tickets – Accessible Event Ticketing, affecting versions

5.3CVSS5.8AI score0.00049EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/01/13 12:0 a.m.1 views

MiracleLinux 9 : krb5-1.21.1-8.el9_6 (AXSA:2025-10565:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10565:05 advisory. krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions CVE-2025-3576 Tenable has extracted the preceding descriptio...

5.9CVSS6.8AI score0.0026EPSS
Exploits0References2
NVD
NVDadded 2025/12/30 1:15 a.m.1 views

CVE-2025-69217

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS0.0008EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2025/12/30 1:15 a.m.1 views

CVE-2025-69217

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS5.9AI score0.0008EPSS
Exploits0References4
OSV
OSVadded 2025/12/30 12:41 a.m.1 views

CVE-2025-69217 Coturn has unsafe nonce and relay port randomization due to weak random number generation.

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS6.9AI score0.0008EPSS
Exploits0References5
AlpineLinux
AlpineLinuxadded 2025/12/30 12:41 a.m.2 views

CVE-2025-69217

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS7AI score0.0008EPSS
Exploits0References3
EUVD
EUVDadded 2025/12/30 12:41 a.m.2 views

EUVD-2025-205680

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS6.5AI score0.0008EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/12/30 12:41 a.m.23 views

CVE-2025-69217 Coturn has unsafe nonce and relay port randomization due to weak random number generation.

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS0.0008EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletinsadded 2025/11/14 10:42 a.m.11 views

Security Bulletin: TSSC/IMC addresses multiple security vulnerabilities.

Summary TSSC/IMC addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2024-34397 DESCRIPTION: An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted...

9.8CVSS7.8AI score0.03091EPSS
Exploits5Affected Software1
Github Security Blog
Github Security Blogadded 2025/11/06 11:35 p.m.6 views

KubeVirt's Improper TLS Certificate Management Handling Allows API Identity Spoofing

Summary Due to improper TLS certificate management, a compromised virt-handler could impersonate virt-api by using its own TLS credentials, allowing it to initiate privileged operations against another virt-handler. Details Give all details on the vulnerability. Pointing to the incriminated sourc...

6.3CVSS5.8AI score0.00017EPSS
Exploits1References6Affected Software1
NVD
NVDadded 2025/11/06 4:15 p.m.1 views

CVE-2025-58595

Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin-login allows Identity Spoofing.This issue affects All In One Login: from n/a through = 2.0.8...

9.1CVSS0.00068EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/10/14 5:0 p.m.5 views

CVE-2025-59284 Windows NTLM Spoofing Vulnerability

...

3.3CVSS0.00039EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2016-3544

Malware in sbrugna...

7.6CVSS7.2AI score0.00064EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2010-0808

Malware in sbrugna...

4.3CVSS6.4AI score0.00145EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2016-8015

Malware in sbrugna...

8.1CVSS7.9AI score0.01006EPSS
Exploits0References9
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2007-5780

Malware in sbrugna...

5CVSS6.4AI score0.0023EPSS
Exploits0References6
Rows per page
Query Builder