Lucene search

6 matches found

Snyk
added 2026/05/21 8:39 p.m. | 7 views

Insufficient Session Expiration

Overview nocodb is a NocoDB Affected versions of this package are vulnerable to Insufficient Session Expiration through the ApiToken delete path in the token management code. An attacker can keep using a deleted API token by deleting it while the cache entry remains keyed under the token value,...

6.3 CVSS | 5.8 AI score
Exploits: 0 | References: 2

CVE
added 2026/03/26 12:27 a.m. | 8 views

CVE-2026-33942

Saloon PHP library prior to version 4.0.0 deserializes OAuth token state via PHP unserialize() in AccessTokenAuthenticator::unserialize() with allowed_classes enabled. An attacker who controls the serialized data (e.g., by overwriting a cached token or injection) can submit a gadget object; upon ...

9.8 CVSS | 6.6 AI score | 0.00226 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

RedHat Linux
added 2024/06/04 11:4 a.m. | 4 views

EAP: OIDC app attempting to access the second tenant, the user should be prompted to log

A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in...

7.3 CVSS | 5.7 AI score | 0.00061 EPSS
Exploits: 0 | References: 4

CNNVD
added 2024/04/10 12:0 a.m. | 1 views

Red Hat JBoss Enterprise Application Platform data forgery vulnerability

Red Hat JBoss Enterprise Application Platform EAP is an open source, J2EE-based middleware platform from Red Hat, Inc. The platform is primarily used to build, deploy and host Java applications and services. A data forgery vulnerability exists in Red Hat JBoss Enterprise Application Platform EAP,...

7.3 CVSS | 7.4 AI score | 0.00061 EPSS
Exploits: 0 | References: 7

Snyk
added 2023/10/18 10:50 p.m. | 1 views

Missing Release of Resource after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime via the AuthenticationService. A cached token persists after the lifetime of the request due to an improper implementation of relations between ITokens and IUsers. An attacker can cau...

5.3 CVSS | 6.9 AI score | 0.00127 EPSS
Exploits: 0 | References: 2

RedHat Linux
added 2018/05/22 4:52 p.m. | 0 views

cxf: CXF's STSClient uses a flawed way of caching tokens that are associated with delegation tokens

It was found that the token cacher in Apache CXF uses a flawed way of caching tokens that are associated with the delegation token received from the Security Token Service (STS). This vulnerability could allow an attacker to craft a token which could return an identifier corresponding to a cached token...

7.5 CVSS | 7.2 AI score | 0.02386 EPSS
Exploits: 0 | References: 5