Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

Veracode
Veracodeadded 2024/09/24 8:54 a.m.4 views

Unauthorized Access

github.com/zitadel/zitadel is vulnerable to Unauthorized Access. The vulnerability is due to the failure of the system to properly invalidate deactivated user grants in the tokens, allowing users to retain access to applications and resources despite their deactivated status...

7.3CVSS6.6AI score0.00261EPSS
Exploits0References20Affected Software1
Veracode
Veracodeadded 2023/09/13 9:51 a.m.46 views

Missing Authorization Checks

matrixsynapse is vulnerable to Improper Authentication. The vulnerability is due to the completelogin function as It fails to verify the deactivated status of users during login. This only applies if any of the following are true: 1. JSON Web Tokens are enabled for login via the jwtconfig.enabled...

5.4CVSS6.7AI score0.00975EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder