6 matches found
Malicious code in @corp-infra/sso-gateway-core (npm)
Dependency confusion and typosquatting campaign by threat actor "saif777". Packages use inflated version numbers 9999.9999.9999, 9999.9999.10000, 50.50.50, 7.66.5 to win version resolution in environments with private registries. All active packages execute a postinstall hook "node index.js" that...
Subhunter - A Fast Subdomain Takeover Tool
Subdomain takeover is a common vulnerability that allows an attacker to gain control over a subdomain of a target domain and redirect users intended for an organization's domain to a website that performs malicious activities, such as phishing campaigns, stealing user cookies, etc. It occurs when...
SUSE CVE-2023-28319
A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...
UK Police mistakenly deleted 150,000 arrest records in software glitch
By Waqas. Reportedly, a software glitch wiped DNA and fingerprint data from the police computer. This is a post from HackRead.com.
Crossmatch Digital Persona U.are.U 4500 Fingerprint Reader Encryption Issue Vulnerability
Crossmatch Digital Persona U.are.U 4500 Fingerprint Reader is a fingerprint reader from Crossmatch USA. An encryption issue vulnerability exists in version v24 of the Digital Persona U.are.U 4500 Fingerprint Reader, which can be exploited by an attacker to decrypt an encrypted fingerprint image b...
Samsung Galaxy S5 Fingerprint Data Leakage Vulnerability
Samsung Galaxy S5 is a Samsung 4G smartphone product. A security vulnerability exists in the implementation of the Samsung Galaxy S5 in which the user's fingerprint information is used for authentication. The vulnerability allows an attacker running a program as root on a mobile device to directl...