Lucene search
+L

217 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-28110

Malicious code in bioql PyPI...

9.8CVSS9AI score0.21914EPSS
Exploits3References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-5339

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01048EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-42799

Malicious code in bioql PyPI...

9.8CVSS8.8AI score0.00802EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/09/11 7:44 p.m.4 views

CVE-2025-10127 Daikin Europe N.V Security Gateway Weak Password Recovery Mechanism for Forgotten Password

Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...

9.8CVSS6.4AI score0.00607EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/09/11 4:26 p.m.3 views

CVE-2025-32486

Weak Password Recovery Mechanism for Forgotten Password vulnerability in Hossein Material Dashboard material-dashboard.This issue affects Material Dashboard: from n/a through = 1.4.6...

9.8CVSS7.2AI score0.00319EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 5:15 p.m.3 views

CVE-2025-32486

Weak Password Recovery Mechanism for Forgotten Password vulnerability in Hossein Material Dashboard material-dashboard.This issue affects Material Dashboard: from n/a through = 1.4.6...

9.8CVSS0.00319EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 4:25 p.m.31 views

CVE-2025-32486

CVE-2025-32486 exists in the WordPress plugin “Material Dashboard” (Hossein Material Dashboard) up to version 1.4.6. The connected documents identify an unauthenticated privilege-escalation vulnerability linked to a weak password-recovery mechanism, enabling elevation of privileges within affecte...

9.8CVSS7.2AI score0.00319EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.10 views

PT-2025-36756

Name of the Vulnerable Software and Affected Versions: Hossein Material Dashboard versions n/a through 1.4.6 Description: A weakness exists in the password recovery mechanism for forgotten passwords in Hossein Material Dashboard. This issue could allow unauthorized access to accounts...

9.8CVSS8.6AI score0.00319EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-28632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 0.83 and prior to versions 9.5.13 and 10.0.7, an authenticated user can modify emai...

8.1CVSS7.5AI score0.00677EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:42 p.m.9 views

CVE-2021-36436

An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint...

5.3CVSS6.5AI score0.00523EPSS
Exploits1
Cvelist
Cvelist
added 2025/04/24 12:0 a.m.39 views

CVE-2025-29529

ITC Systems Multiplan/Matrix OneCard platform v3.7.4.1002 was discovered to contain a SQL injection vulnerability via the component Forgotpassword.aspx...

0.0028EPSS
Exploits0References2
OSV
OSV
added 2025/03/10 3:15 p.m.4 views

CVE-2024-12604

Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse.This issue affects Tap&Sign App: before V.1.025...

6.5CVSS5.8AI score0.00188EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/15 12:0 a.m.7 views

WordPress plugin Front End Users 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS7.8AI score0.00297EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.6 views

SourceBans++ 安全漏洞

SourceBans++ is a global administration, banning and communication management system for the Source engine by the SourceBans++ Dev team. A security vulnerability exists in SourceBans++ versions prior to v.1.8.0. A remote attacker can exploit this vulnerability to obtain sensitive information via ...

7.5CVSS6.4AI score0.00463EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/10/01 12:0 a.m.19 views

Synology DiskStation Manager Weak Password Recovery Mechanism for Forgotten Password (CVE-2018-8916)

Unverified password change vulnerability in Change Password in Synology DiskStation Manager DSM before 6.2-23739 allows remote authenticated users to reset password without verification. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

8.8CVSS7.3AI score0.00977EPSS
Exploits0References2
NVD
NVD
added 2024/09/25 1:15 a.m.45 views

CVE-2024-8878

The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05...

10CVSS0.01265EPSS
Exploits2References2
NVD
NVD
added 2024/09/16 1:15 a.m.23 views

CVE-2024-8880

A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7. Affected is an unknown function of the file /playsms/index.php?app=main&inc=coreauth&route=forgot&op=forgot of the component Template Handler. The manipulation of the argument username/email/captcha leads to...

9.8CVSS0.00682EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2024/07/31 9:17 a.m.22 views

CVE-2024-42080

In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Fix potential invalid address access struct rdmarestrackentry's kernname was set to KBUILDMODNAME in ibcreatecq, while if the module exited but forgot del this rdmarestrackentry, it would cause a invalid address...

5.5CVSS7AI score0.0023EPSS
Exploits0References4
NVD
NVD
added 2024/07/09 4:15 a.m.24 views

CVE-2024-39597

In SAP Commerce, a user can misuse the forgotten password functionality to gain access to a Composable Storefront B2B site for which early login and registration is activated, without requiring the merchant to approve the account beforehand. If the site is not configured as isolated site, this ca...

7.2CVSS0.00282EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/09 3:48 a.m.16 views

CVE-2024-39597 [CVE-2024-39597] Improper Authorization Checks on Early Login Composable Storefront B2B sites of SAP Commerce

In SAP Commerce, a user can misuse the forgotten password functionality to gain access to a Composable Storefront B2B site for which early login and registration is activated, without requiring the merchant to approve the account beforehand. If the site is not configured as isolated site, this ca...

7.2CVSS0.00282EPSS
Exploits0References2
Rows per page
Query Builder