
6 matches found

Positive Technologies
added 2026/03/24 12:0 a.m. | 2 views

PT-2026-27623

Name of the Vulnerable Software and Affected Versions: Authelia versions 4.39.15. Description: Authelia is an open-source authentication and authorization server. An attacker may potentially be able to inject JavaScript into the Authelia login page if specific conditions are met, including...

CVSS 2.1 | AI score 6 | EPSS 0.0002
Exploits: 1 | References: 4
OSV
added 2025/03/12 2:0 p.m. | 7 views

CVE-2025-27794 Flarum Vulnerable to Session Hijacking via Authoritative Subdomain Cookie Overwrite

Flarum is open-source forum software. A session hijacking vulnerability exists in versions prior to 1.8.10 when an attacker-controlled authoritative subdomain under a parent domain (e.g., subdomain.host.com) sets cookies scoped to the parent domain (.host.com). This allows session token replacement f...

CVSS 6.8 | AI score 6.5 | EPSS 0.00377
Exploits: 0 | References: 5
Tenable Nessus
added 2023/07/09 12:0 a.m. | 18 views

Fedora 38 : yt-dlp (2023-9f3938e10d)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-9f3938e10d advisory. Update to 2023.07.06. Mitigates CVE-2023-35934 / GHSA-v8mc-9377-rwjj. Tenable has extracted the preceding description block directly from the Fedora security...

CVSS 8.2 | AI score 7.7 | EPSS 0.00689
Exploits: 0 | References: 2
Debian CVE
added 2023/07/06 7:39 p.m. | 13 views

CVE-2023-35934

yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host...

CVSS 8.2 | AI score 8.1 | EPSS 0.00689
Exploits: 0
OSV
added 2023/07/06 7:39 p.m. | 14 views

CVE-2023-35934 yt-dlp File Downloader cookie leak

yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host...

CVSS 6.1 | AI score 8.1 | EPSS 0.00689
Exploits: 0 | References: 12
Hacker One
added 2021/04/28 11:41 p.m. | 7 views

Palo Alto Software: Subdomain takeover of www2.growasyouplan.com

Summary: www2.growasyouplan.com points to an AWS EC2 instance at 67.202.62.93 that no longer exists. I was able to take control of this IP address and run my own EC2 instance. I can now serve content on this domain, obtain a TLS certificate for this domain, etc. If any customers or servers are...

AI score 0.7
Exploits: 0