Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Prion
Prionadded 2022/02/16 5:15 p.m.20 views

Design/Logic Flaw

MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users...

5CVSS7.6AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVDadded 2021/02/24 12:0 a.m.3 views

Foreman Information Disclosure Vulnerability

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides service provisioning, configuration management, and status reporting. An information disclosure vulnerability exists in Foreman project, which can be exploited by a local attacker to expose...

7.8CVSS7.1AI score0.00114EPSS
Exploits0References2
CERT
CERTadded 2001/05/17 12:0 a.m.31 views

KDE2 kdesu 'keep password' option does not verify socket listener potentially exposing su password

Overview kdesu is a interactive interface to the substitute user su command for the KDE environment. To pass authentication information, it creates a file that may be read by unauthorized users. Description kdesu communicates with su using a socket, implemented as a file in /tmp with a predictabl...

2.1CVSS6.3AI score0.00102EPSS
Exploits0References6
Rows per page
Query Builder