7 matches found

RedhatCVE
added 2026/02/18 10:36 p.m. | 4 views

CVE-2026-24733

A flaw was found in Tomcat. An improper input validation vulnerability allows an attacker to bypass security constraints. Specifically, if a security constraint is configured to permit HEAD requests to a URI but deny GET requests, a malformed or specification invalid HEAD request using the HTTP/0...

CVSS 6.5 | AI score 5.6 | EPSS 0.00163
Exploits: 0 | References: 4
CNNVD
added 2026/02/06 12:0 a.m. | 3 views

Claude Code Authorization Issue Vulnerability

Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code prior to 2.1.7 had an authorization issue vulnerability. This vulnerability occurred due to the failure to strictly enforce the denial rules configured in settings.json when accessing...

CVSS 7.5 | AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 2
Veracode
added 2025/11/25 8:40 a.m. | 5 views

Improper Access Control

@anthropic-ai/claude-code is vulnerable to improper access control. The vulnerability is due to improper handling of symlinks in permission-deny rules, which allows an attacker to bypass explicit file-access restrictions and access files via symlink paths...

CVSS 6.5 | AI score 7 | EPSS 0.00058
Exploits: 0 | References: 1 | Affected Software: 1
SUSE CVE
added 2023/02/15 4:54 a.m. | 1 views

SUSE CVE-2016-9849

An issue was discovered in phpMyAdmin. It is possible to bypass AllowRoot restriction ($cfg['Servers'][$i]['AllowRoot']) and deny rules for username by using Null Byte in the username. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are affected...

CVSS 9.8 | AI score 7 | EPSS 0.00217
Exploits: 0 | References: 2
FreeBSD
added 2021/02/24 12:0 a.m. | 34 views

FreeBSD -- login.access fails to apply rules

Problem Description: A regression in the login.access(5) rule processor has the effect of causing rules to fail to match even when they should not. This means that rules denying access may be ignored. Impact: The configuration in login.access(5) may not be applied, permitting login access to users ev...

CVSS 5.3 | AI score 2.4 | EPSS 0.00241
Exploits: 0
NVD
added 2020/02/20 10:15 p.m. | 15 views

CVE-2019-11189

Authentication Bypass by Spoofing in org.onosproject.acl access control and org.onosproject.mobility host mobility in ONOS v2.0 and earlier allows attackers to bypass network access control via data plane packet injection. To exploit the vulnerability, an attacker sends a gratuitous ARP reply tha...

CVSS 7.5 | AI score 7.7 | EPSS 0.00171
Exploits: 0 | References: 1
CVE
added 2020/02/20 9:36 p.m. | 88 views

CVE-2019-11189

The CVE describes an Authentication Bypass in ONOS v2.0 and earlier via data plane packet injection. A gratuitous ARP reply can trigger the host mobility application to remove existing access control flow denial rules, and the access control app does not re-install those deny rules, allowing bypa...

CVSS 7.5 | AI score 7.7 | EPSS 0.00171
Exploits: 0 | References: 1 | Affected Software: 1