Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

91 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 10:50 a.m.2 views

CVE-2022-37144

The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. An unauthenticated remote attacker in possession of a valid username and password can bruteforce their way past MFA protections to login as the targeted user...

8.8CVSS7.2AI score0.00475EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:49 a.m.6 views

CVE-2022-37145

The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts for accounts configured to use the PlexTrac authentication provider. An unauthenticated remote attacker could perform a bruteforce attack on the login page with no time or attempt limitation in an...

7.5CVSS7.2AI score0.00932EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:37 a.m.5 views

CVE-2024-34914

php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a weak hashing algorithm for its rememberkey value. This allows attackers to bruteforce to bruteforce the rememberkey value to gain access to accounts that have checked "remember me" when logging in...

5.3CVSS7.2AI score0.00076EPSS
Exploits0References1
EUVD
EUVDadded 2025/12/19 6:31 p.m.2 views

EUVD-2025-204542

AVideo versions 14.3.1 prior to 20.1 contain an unauthenticated remote code execution vulnerability caused by predictable generation of an installation salt using PHP uniqid. The installation timestamp is exposed via a public endpoint, and a derived hash identifier is accessible through...

9.3CVSS8AI score0.41084EPSS
Exploits2References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-9336

Malware in sbrugna...

9.1CVSS9AI score0.00168EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-4367

Malware in sbrugna...

8.8CVSS6.8AI score0.00227EPSS
Exploits2References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-1606

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00076EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-48646

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00389EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-41632

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.06635EPSS
Exploits2References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-53407

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00072EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.0 views

EUVD-2023-28143

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00412EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-47354

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.0018EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:51 a.m.3 views

CVE-2024-46442

An issue in the BYD Dilink Headunit System v3.0 to v4.0 allows attackers to bypass authentication via a bruteforce attack...

9.8CVSS7.1AI score0.00351EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:19 a.m.3 views

CVE-2024-48271

D-Link DSL6740C v6.TR069.20211230 was discovered to use insecure default credentials for Administrator access, possibly allowing attackers to bypass authentication and escalate privileges on the device via a bruteforce attack...

8.8CVSS7.8AI score0.00049EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:19 a.m.4 views

CVE-2024-48272

D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password, possibly allowing attackers to connect to the device via a bruteforce attack...

6.5CVSS7.3AI score0.00407EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 5:2 a.m.6 views

CVE-2023-27172

Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce attack...

9.1CVSS6.8AI score0.00086EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:11 a.m.4 views

CVE-2022-44411

Web Based Quiz System v1.0 transmits user passwords in plaintext during the authentication process, allowing attackers to obtain users' passwords via a bruteforce attack...

7.5CVSS6.9AI score0.0018EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/03/26 12:21 a.m.9 views

CVE-2025-29311

Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets...

7.5CVSS6.9AI score0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/03/24 12:0 a.m.8 views

CVE-2025-29311

Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets...

6.8AI score0.00239EPSS
Exploits0References1
NVD
NVDadded 2024/12/10 7:15 p.m.15 views

CVE-2024-46442

An issue in the BYD Dilink Headunit System v3.0 to v4.0 allows attackers to bypass authentication via a bruteforce attack...

9.8CVSS0.00351EPSS
Exploits0References3
Rows per page
Query Builder