Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2026/06/02 4:24 p.m.7 views

USN-8372-1 age vulnerability

It was discovered that age did not properly validate plugin names. An attacker could possibly use this issue to cause execution of an arbitrary program by supplying a crafted recipient or identity string...

9.8CVSS5.9AI score0.00565EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/19 1:19 p.m.5 views

CVE-2025-40901

A Stored HTML Injection vulnerability was discovered in the Credentials Manager functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious identity containing HTML tags. When a victim attempts to delete the affected...

5.9CVSS5.8AI score0.00029EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/03/26 3:7 p.m.1 views

CVE-2026-31813

Supabase Auth is a JWT based API for managing users and issuing JWT tokens. Prior to 2.185.0, a vulnerability has been identified that allows an attacker to issue sessions for arbitrary users using specially crafted ID tokens when the Apple or Azure providers are enabled. The attacker issues a...

4.8CVSS5.9AI score0.00042EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/11 4:42 p.m.1 views

CVE-2026-31813

Supabase Auth is a JWT based API for managing users and issuing JWT tokens. Prior to 2.185.0, a vulnerability has been identified that allows an attacker to issue sessions for arbitrary users using specially crafted ID tokens when the Apple or Azure providers are enabled. The attacker issues a...

4.8CVSS5.9AI score0.00042EPSS
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2026/02/13 12:0 a.m.3 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Version 4.0.1 of free5GC contains a security vulnerability caused by an array index out-of-bounds issue in the AMF component. This vulnerability could allow remote attackers to cause denial-of-service attacks using a...

7.5CVSS5.8AI score0.00218EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2023/09/19 2:38 p.m.15 views

CVE-2023-41890 Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation

Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity...

7.5CVSS6.3AI score0.00135EPSS
Exploits0References3
OSV
OSVadded 2013/11/02 6:55 p.m.0 views

UBUNTU-CVE-2013-6075

The comparedn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows 1 remote attackers to cause a denial of service out-of-bounds read, NULL pointer dereference, and daemon crash or 2 remote authenticated users to impersonate arbitrary users and bypass access restrictions vi...

5CVSS7.4AI score0.00228EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2011/05/16 6:0 p.m.18 views

CVE-2011-1407

The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity...

7.5CVSS7.2AI score0.00554EPSS
Exploits0
Rows per page
Query Builder