
8 matches found

Positive Technologies
added 2026/05/29 12:0 a.m. | 10 views

PT-2026-44747

Name of the Vulnerable Software and Affected Versions: Breeze versions prior to 2.5.3. Description: Improper verification of the wordpress logged in cookie in the inc/cache/execute-cache.php file occurs when the "Cache Logged-in Users" setting is enabled. The plugin uses the substr function to parse...

CVSS 5.3 | AI score 5.8 | EPSS 0.00059
Exploits: 0 | References: 11
Vulnrichment
added 2026/05/06 6:12 p.m. | 6 views

CVE-2026-7930

...

AI score 5.4 | EPSS 0.00107
Exploits: 0
ATTACKERKB
added 2026/04/29 7:24 p.m. | 0 views

CVE-2018-25318

Tenda FH303/A300 firmware V5.07.68EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin cookie to change DNS...

CVSS 9.8 | AI score 5.2 | EPSS 0.00239
Exploits: 1 | References: 2 | Affected Software: 1
VulnCheck KEV
added 2025/10/07 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2025-5947

The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via authentication bypass in all versions up to, and including, 6.0. This is due to the plugin not properly validating a user's cookie value prior to logging them in through the servicefinderswitchback function...

CVSS 9.8 | AI score 5.8 | EPSS 0.61701
In wild | Exploits: 2 | References: 3
OSV
added 2022/01/21 6:15 p.m. | 5 views

CVE-2020-4879

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote attacker to bypass security restrictions, caused by improper validation of authentication cookies. IBM X-Force ID: 190847...

CVSS 9.8 | AI score 7.7 | EPSS 0.00703
Exploits: 0 | References: 2
OSV
added 2021/04/06 11:13 a.m. | 0 views

USN-4561-2 ruby-rack vulnerabilities

USN-4561-1 fixed vulnerabilities in Rack. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive...

CVSS 8.6 | AI score 6.7 | EPSS 0.00907
Exploits: 1 | References: 3
OSV
added 2020/09/30 7:8 p.m. | 3 views

USN-4561-1 ruby-rack vulnerabilities

It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-8161) It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie. (CVE-2020-8184)...

CVSS 8.6 | AI score 6.7 | EPSS 0.00907
Exploits: 1 | References: 3
CNVD
added 2017/10/23 12:0 a.m. | 3 views

Multiple F5 Product Access Privilege Vulnerabilities

F5 BIG-IP LTM and related products are made by F5 Corporation in the U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. iControl REST is one of its REST (representational state transfer) interfaces. A security vulnerability exists in iControl REST in several F5...

CVSS 7.5 | AI score 6.8 | EPSS 0.00365
Exploits: 0 | References: 1