Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-6263

Malicious code in bioql PyPI...

8.2CVSS6.6AI score0.00055EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-6264

Malicious code in bioql PyPI...

8.3CVSS6.6AI score0.0061EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-6261

Malicious code in bioql PyPI...

8.2CVSS6.6AI score0.00629EPSS
Exploits0References1
NVD
NVDadded 2025/03/13 12:15 p.m.8 views

CVE-2025-29998

This vulnerability exists in the CAP back office application due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the OTP...

8.2CVSS0.00629EPSS
Exploits0References1
NVD
NVDadded 2025/03/13 12:15 p.m.5 views

CVE-2025-29995

This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An authenticated remote attacker with a valid login ID could exploit this vulnerability through vulnerable API endpoint which could lead to account takeover of targete...

8.3CVSS0.0061EPSS
Exploits0References1
NVD
NVDadded 2025/03/13 12:15 p.m.5 views

CVE-2025-29994

This vulnerability exists in the CAP back office application due to improper authentication check at the API endpoint. An unauthenticated remote attacker with a valid login ID could exploit this vulnerability by manipulating API input parameters through API request URL/payload leading to...

8.2CVSS0.00766EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/03/13 11:23 a.m.20 views

CVE-2025-29998 No Rate Limiting Vulnerability in CAP back office application

This vulnerability exists in the CAP back office application due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the OTP...

8.2CVSS0.00629EPSS
Exploits0References1
CVE
CVEadded 2025/03/13 11:21 a.m.78 views

CVE-2025-29997

CVE-2025-29997 affects the CAP back office application. The root cause is improper authorization checks on certain API endpoints, allowing an authenticated remote attacker to manipulate API request URLs and gain unauthorized access to other user accounts. The vulnerability is rated HIGH (CVSS 4.0...

8.2CVSS6.6AI score0.0051EPSS
Exploits0References1
CVE
CVEadded 2025/03/13 11:18 a.m.73 views

CVE-2025-29996

CVE-2025-29996 affects the CAP back office application. The issue is an improper implementation of the OTP verification in the API-based login, allowing a remote attacker with valid credentials to manipulate API requests to bypass 2FA for other user accounts. The core vulnerability is in the OTP/...

8.2CVSS6.6AI score0.00055EPSS
Exploits0References1
Rows per page
Query Builder