7 matches found

EUVD
added 2026/03/04 9:58 p.m. · 4 views

EUVD-2026-9499

Langchain Helm Charts are Helm charts for deploying Langchain applications on Kubernetes. Prior to langchain-ai/helm version 0.12.71, a URL parameter injection vulnerability existed in LangSmith Studio that could allow unauthorized access to user accounts through stolen authentication tokens. The...

8.5 CVSS · 6 AI score · 0.00292 EPSS
Exploits 0 · References 1
NVD
added 2026/01/06 4:15 p.m. · 2 views

CVE-2020-36907

Aerohive HiveOS contains a denial of service vulnerability in the NetConfig UI that allows unauthenticated attackers to render the web interface unusable. Attackers can send a crafted HTTP request to the action.php5 script with specific parameters to trigger a 5-minute service disruption...

8.7 CVSS · 0.0048 EPSS
Exploits 1 · References 8
Github Security Blog
added 2025/11/19 6:47 p.m. · 4 views

authentik's invitation expiry is delayed by at least 5 minutes

Summary: In previous authentik versions, invitations were considered valid regardless if they are expired or not, thus relying on background tasks to clean up expired ones. In a normal scenario this can take up to 5 minutes because the cleanup of expired objects is scheduled to run every 5 minutes...

5.8 CVSS · 6.9 AI score · 0.00208 EPSS
Exploits 0 · References 4 · Affected Software 1
EUVD
added 2025/11/19 5:3 p.m. · 3 views

EUVD-2025-198187

authentik is an open-source Identity Provider. Prior to versions 2025.8.5 and 2025.10.2, in previous authentik versions, invitations were considered valid regardless if they are expired or not, thus relying on background tasks to clean up expired ones. In a normal scenario this can take up to 5...

5.8 CVSS · 5.9 AI score · 0.00208 EPSS
Exploits 0 · References 4
OSV
added 2025/11/12 9:30 p.m. · 2 views

GHSA-C978-WQ47-PVVW sudo-rs: Partial password reveal is possible after timeout

Summary: If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example: Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...

3.8 CVSS · 6.5 AI score · 0.0012 EPSS
Exploits 0 · References 5
Positive Technologies
added 2024/05/13 12:0 a.m. · 5 views

PT-2024-25687 · Mantisbt · Mantisbt

Name of the Vulnerable Software and Affected Versions: MantisBT versions prior to 2.26.2. Description: Insufficient access control in the registration and password reset process allows an attacker to reset another user's password and take over their account, if the victim has an incomplete request...

7.3 CVSS · 7 AI score · 0.01186 EPSS
Exploits 1 · References 11
Japan Vulnerability Notes
added 2010/05/17 7:42 a.m. · 1 views

Interstage Application Server vulnerable in request processing

Overview: The Servlet service provided by the Interstage Application Server from Fujitsu Limited contains a vulnerability where certain requests are not processed properly...

6.4 CVSS · 6.6 AI score · 0.01564 EPSS
Exploits 0 · References 9