Lucene search
K

161564 matches found

GithubExploit
GithubExploit
added 2026/06/09 1:26 p.m.48 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

MCPJam Inspector Authorized Security Validator A bounded proo...

9.8CVSS6.2AI score0.38374EPSS
Exploits29
NVD
NVD
added 2026/06/09 1:16 p.m.10 views

CVE-2017-20249

Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the albid parameter. Attackers can send GET requests with crafted SQL payloads in the albid parameter to extract sensitive...

8.8CVSS0.00295EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 1:2 p.m.32 views

CVE-2026-11789 389-ds-base: 389-ds-base: smd5 password storage plugin salt length integer underflow crash

A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication...

4.9CVSS0.00335EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 1:2 p.m.8 views

CVE-2026-11789 389-ds-base: 389-ds-base: smd5 password storage plugin salt length integer underflow crash

A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication...

4.9CVSS5.7AI score0.00335EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 1:2 p.m.30 views

CVE-2026-11789

Affected software : 389 Directory Server (389-ds-base). Vulnerable component : SMD5 password storage plugin. Root cause : unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read and LDAP server crash during authenticatio...

6.5CVSS5.7AI score0.00335EPSS
Exploits0References2Affected Software3
Vulnrichment
Vulnrichment
added 2026/06/09 11:48 a.m.13 views

CVE-2017-20249 WordPress Plugin Apptha Slider Gallery 1.0 SQL Injection

Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the albid parameter. Attackers can send GET requests with crafted SQL payloads in the albid parameter to extract sensitive...

8.8CVSS6.1AI score0.00295EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/09 11:19 a.m.11 views

node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures

A flaw was found in Forge also called node-forge, a JavaScript library used for Transport Layer Security TLS. The library's Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could...

7.5CVSS5.5AI score0.00338EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/09 11:19 a.m.16 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.9CVSS7.1AI score0.02907EPSS
Exploits10References19
GithubExploit
GithubExploit
added 2026/06/09 11:16 a.m.52 views

Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os

CVE-2026-0257 - GlobalProtect portal Authentication Bypass...

9.1CVSS6AI score0.86678EPSS
Exploits9
Patchstack
Patchstack
added 2026/06/09 9:39 a.m.11 views

WordPress Advanced Google reCAPTCHA plugin <= 5.38 - Authenticated (Subscriber+) Authentication Bypass vulnerability

Authenticated Subscriber+ Authentication Bypass vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin Advanced Google reCAPTCHA versions = 5.38...

8.8CVSS5.5AI score0.00393EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2026/06/09 9:16 a.m.12 views

CVE-2009-10007

Catalyst::Plugin::Authentication versions before 0.10027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

9.1CVSS0.00369EPSS
Exploits0References5
OSV
OSV
added 2026/06/09 9:16 a.m.6 views

UBUNTU-CVE-2009-10007

Catalyst::Plugin::Authentication versions before 0.10027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

9.1CVSS5.5AI score0.00369EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/09 8:57 a.m.14 views

EUVD-2026-35387

SQL injection in the ‘twostepsauthcode’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication 2FA functionality can be accessed without prior authentication, allowing unauthenticated attackers to execute arbitrary SQL queri...

9.3CVSS6AI score0.00349EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 8:57 a.m.32 views

CVE-2026-10731 SQL injection in Nemon products

SQL injection in the ‘twostepsauthcode’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication 2FA functionality can be accessed without prior authentication, allowing unauthenticated attackers to execute arbitrary SQL queri...

9.3CVSS0.00349EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 8:57 a.m.7 views

CVE-2026-10731 SQL injection in Nemon products

SQL injection in the ‘twostepsauthcode’ parameter processed by the ‘twoStepsAuthVerification’ function within the ‘/user-login’ endpoint. The two-factor authentication 2FA functionality can be accessed without prior authentication, allowing unauthenticated attackers to execute arbitrary SQL queri...

9.3CVSS6AI score0.00349EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 7:34 a.m.24 views

CVE-2009-10007

CVE-2009-10007 affects Catalyst::Plugin::Authentication for Perl prior to 0.10_027. The vulnerability arises because the plugin does not automatically change the session id after authentication, enabling session fixation where an attacker with a valid session cookie can impersonate the victim. Do...

9.1CVSS5.5AI score0.00369EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/09 7:34 a.m.12 views

EUVD-2009-5128

Catalyst::Plugin::Authentication versions before 0.10027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

9.1CVSS5.5AI score0.00369EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/09 7:34 a.m.8 views

CVE-2009-10007 Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks

Catalyst::Plugin::Authentication versions before 0.10027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

5.5AI score0.00369EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/09 7:34 a.m.39 views

CVE-2009-10007 Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks

Catalyst::Plugin::Authentication versions before 0.10027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

0.00369EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/09 7:34 a.m.8 views

CVE-2009-10007

Catalyst::Plugin::Authentication versions before 0.10027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

9.1CVSS5.5AI score0.00369EPSS
Exploits0
Rows per page
Query Builder