7 matches found

Metasploit
•added 2025/01/07 6:58 p.m.•455 views

OneDev Unauthenticated Arbitrary File Read

This module exploits an unauthenticated arbitrary file read vulnerability CVE-2024-45309, which affects OneDev versions use auxiliary/gather/onedevarbitraryfileread msf auxiliaryonedevarbitraryfileread show actions ...actions... msf auxiliaryonedevarbitraryfileread set ACTION msf...

CVSS: 8.7 • AI score: 7.3 • EPSS: 0.24822
Exploits: 1
Github Security Blog
•added 2022/05/17 3:43 a.m.•36 views

phpMyAdmin Cryptographic Vulnerability

The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach...

CVSS: 7.5 • AI score: 7.3 • EPSS: 0.02688
Exploits: 0 • References: 14 • Affected Software: 1
Github Security Blog
•added 2018/10/23 4:8 p.m.•31 views

Use of Insufficiently Random Values in penggle:kaptcha

text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random rather than SecureRandom function for generating CAPTCHA values, which makes it easier for remote attackers to bypass intended access restrictio...

CVSS: 9.8 • AI score: 5.6 • EPSS: 0.01468
Exploits: 0 • References: 3 • Affected Software: 1
Prion
•added 2018/06/05 11:29 a.m.•15 views

Default credentials

The forgotten-password feature in index.php/member/reset/resetemail.html in YzmCMS v3.2 through v3.7 has a Response Discrepancy Information Exposure issue and an unexpectedly long lifetime for a verification code, which makes it easier for remote attackers to hijack accounts via a brute-force...

CVSS: 7.5 • AI score: 9.2 • EPSS: 0.01436
Exploits: 0 • References: 1 • Affected Software: 1
Prion
•added 2018/01/12 5:29 p.m.•12 views

Design/Logic Flaw

IBM Security Identity Manager ISIM Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. IBM X-Force ID: 111695...

CVSS: 5 • AI score: 6.4 • EPSS: 0.02286
Exploits: 0 • References: 2 • Affected Software: 1
Debian CVE
•added 2015/04/01 12:0 a.m.•53 views

CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

CVSS: 5 • AI score: 5.4 • EPSS: 0.74006
Exploits: 0
Prion
•added 2011/09/20 10:55 a.m.•16 views

Cross site request forgery (csrf)

JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 uses a predictable flowExecutionKey parameter, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks via a brute-force approach...

CVSS: 6.8 • AI score: 7.2 • EPSS: 0.01491
Exploits: 0 • References: 6 • Affected Software: 1