Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/27 9:19 p.m.2 views

CVE-2019-25652

UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept...

7.7CVSS5.9AI score0.00111EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/02/03 7:16 p.m.3 views

CVE-2025-52623

HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerability. This can allow autocomplete on password fields may lead to unintended storage or disclosure of sensitive credentials, potentially increasing the risk of unauthorized access. This issue affects...

6.5CVSS5.8AI score0.00151EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-47994

Malicious code in bioql PyPI...

9.6CVSS6.4AI score0.00404EPSS
Exploits0References1
OSV
OSV
added 2025/08/21 2:54 p.m.5 views

GHSA-8HMM-4CRW-VM2C @musistudio/claude-code-router has improper CORS configuration

Impact Due to improper Cross-Origin Resource Sharing CORS configuration, there is a risk that user API Keys or equivalent credentials may be exposed to untrusted domains. Attackers could exploit this misconfiguration to steal credentials, abuse accounts, exhaust quotas, or access sensitive data...

9.3CVSS6.9AI score0.00285EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/06/14 2:24 p.m.6 views

CVE-2025-49194

The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and this server, the credentials would be exposed...

7.5CVSS7.6AI score0.00275EPSS
Exploits0References1
Rows per page
Query Builder