Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

152 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:20 p.m.6 views

CVE-2026-41505

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's makesigninkey function and exam.py's genticketcode function. This issue has been patched via commit 2f68e16...

8.7CVSS5.4AI score0.00264EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:20 p.m.6 views

CVE-2026-41588

RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — checksigninkey. This issue has been patched via commit 2f68e16...

9CVSS5.3AI score0.00362EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:16 p.m.7 views

CVE-2026-42197

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially leading to full admin...

8.7CVSS5.7AI score0.0031EPSS
Exploits0References1
CVE
CVEadded 2026/05/27 6:31 p.m.18 views

CVE-2026-47161

RELATE is affected by CVE-2026-47161 due to Celery workers configured to deserialize untrusted pickle data prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb. An attacker who can reach the message broker can execute arbitrary commands on the host, and due to insufficient network isolation i...

8.7CVSS6.5AI score0.00489EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/27 12:0 a.m.11 views

PT-2026-44073

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially leading to full admin...

8.7CVSS5.9AI score0.0031EPSS
Exploits0References4
NVD
NVDadded 2026/05/08 3:16 p.m.9 views

CVE-2026-41588

RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — checksigninkey. This issue has been patched via commit 2f68e16...

9CVSS0.00362EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/08 2:51 p.m.28 views

CVE-2026-41588 RELATE: Timing Attack Vulnerability in course/auth.py — check_sign_in_key()

RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — checksigninkey. This issue has been patched via commit 2f68e16...

9CVSS0.00362EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/08 2:51 p.m.4 views

CVE-2026-41588

RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — checksigninkey. This issue has been patched via commit 2f68e16...

9CVSS5.7AI score0.00362EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/05/08 2:51 p.m.12 views

CVE-2026-41588 RELATE: Timing Attack Vulnerability in course/auth.py — check_sign_in_key()

RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — checksigninkey. This issue has been patched via commit 2f68e16...

9CVSS5.7AI score0.00362EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.9 views

PT-2026-39141

Name of the Vulnerable Software and Affected Versions RELATE versions prior to commit 2f68e16 Description A timing attack exists in the check sign in key function within the course/auth.py file. A timing attack is a side-channel attack where an attacker attempts to compromise a system by analyzin...

9CVSS5.9AI score0.00362EPSS
Exploits0References8
NVD
NVDadded 2026/05/07 3:16 p.m.16 views

CVE-2026-41505

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's makesigninkey function and exam.py's genticketcode function. This issue has been patched via commit 2f68e16...

8.7CVSS0.00264EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/07 1:35 p.m.9 views

EUVD-2026-28379

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's makesigninkey function and exam.py's genticketcode function. This issue has been patched via commit 2f68e16...

8.7CVSS5.7AI score0.00264EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/07 1:35 p.m.5 views

CVE-2026-41505

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's makesigninkey function and exam.py's genticketcode function. This issue has been patched via commit 2f68e16...

8.7CVSS5.7AI score0.00264EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/05/07 1:35 p.m.9 views

CVE-2026-41505 RELATE: Predictable Token Generation in auth.py and exam.py

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's makesigninkey function and exam.py's genticketcode function. This issue has been patched via commit 2f68e16...

8.7CVSS5.7AI score0.00264EPSS
Exploits0References2
CVE
CVEadded 2026/05/07 1:35 p.m.10 views

CVE-2026-41505

RELATE is a web-based courseware package. Prior to commit 2f68e16, auth.py's make_sign_in_key() and exam.py's gen_ticket_code() generate predictable tokens, enabling potential exploitation across a network without user interaction. The issue is marked in CVSS 3.1 as HIGH (AV:N/AC:H/PR:N/UI:N/S:C/...

8.7CVSS5.7AI score0.00264EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/07 12:0 a.m.8 views

PT-2026-38443

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make sign in key function and exam.py's gen ticket code function. This issue has been patched via commit 2f68e16...

8.7CVSS5.7AI score0.00264EPSS
Exploits0References2
GithubExploit
GithubExploitadded 2026/05/01 4:36 p.m.77 views

OWASP-Pentest-Suite

OWASP Web Application Penetration Testing University of t...

5.9AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/01/07 9:38 a.m.4 views

CVE-1999-0394

DPEC Online Courseware allows an attacker to change another user's password without knowing the original password...

10CVSS7AI score0.01603EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-1999-0394

Malware in sbrugna...

10CVSS6.4AI score0.01603EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-32011

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00759EPSS
Exploits1References4
Rows per page
Query Builder