Lucene search
+L

38 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-2261

Malware in sbrugna...

7.5CVSS7.6AI score0.02384EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2021-9989

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01527EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-9990

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01969EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-47111

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.0037EPSS
Exploits0References2
NVD
NVD
added 2024/06/14 9:15 a.m.24 views

CVE-2024-5996

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits0
CVE
CVE
added 2024/06/14 8:22 a.m.47 views

CVE-2024-5996

The CVE has a rejection note in the Initial Description, but connected data provides concrete details: Soar Cloud HR Portal is affected. The PT-Security entry PT-2024-37301 reports that notification emails from Soar Cloud HR Portal include links with embedded session data and are sent without enc...

8.6AI score
Exploits0
Cvelist
Cvelist
added 2024/06/14 8:22 a.m.22 views

CVE-2024-5996

...

Exploits0
NVD
NVD
added 2024/06/14 8:15 a.m.21 views

CVE-2024-5995

The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The expiration of the session is not properly configured, remaining valid for more than 7 days and can be reused...

8.8CVSS0.0037EPSS
Exploits0References2
CVE
CVE
added 2024/06/14 7:18 a.m.68 views

CVE-2024-5995

CVE-2024-5995 affects Soar Cloud HR Portal. The issue is insufficient session expiration: a link sent via notification emails contains an embedded session that is not properly expired and can remain valid for more than 7 days, enabling reuse. The vulnerability has a CVSSv3.1 base score of 8.8 (HI...

8.8CVSS8.8AI score0.0037EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/14 7:18 a.m.21 views

CVE-2024-5995 Soar Cloud HR Portal - Insufficient Session Expiration

The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The expiration of the session is not properly configured, remaining valid for more than 7 days and can be reused...

8.8CVSS7AI score0.0037EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/14 7:18 a.m.36 views

CVE-2024-5995 Soar Cloud HR Portal - Insufficient Session Expiration

The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The expiration of the session is not properly configured, remaining valid for more than 7 days and can be reused...

8.8CVSS0.0037EPSS
Exploits0References2
OSV
OSV
added 2023/09/07 3:15 a.m.5 views

CVE-2023-34357

Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has...

7.8CVSS5.7AI score0.00169EPSS
Exploits0References1
Prion
Prion
added 2023/09/07 3:15 a.m.18 views

Default credentials

Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has...

4.3CVSS7.7AI score0.00169EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/07 2:0 a.m.42 views

CVE-2023-34357

Soar Cloud Ltd. HR Portal is affected by CVE-2023-34357 due to a weak password recovery mechanism: the password-reset link sent by email remains valid after a reset and past its expiration, enabling an attacker who can access the link (e.g., via browser history) to reuse it and change the passwor...

7.8CVSS7.7AI score0.00169EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/07 2:0 a.m.15 views

CVE-2023-34357 Soar Cloud Ltd. HR Portal - Weak Password Recovery Mechanism for Forgotten Password

Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has...

7.8CVSS7AI score0.00169EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/06 12:0 a.m.4 views

PT-2023-24837 · Soar Cloud · Soar Cloud Ltd. Hr Portal

Name of the Vulnerable Software and Affected Versions: Soar Cloud Ltd. HR Portal affected versions not specified Description: The issue concerns a weak Password Recovery Mechanism for Forgotten Password in the Soar Cloud Ltd. HR Portal. The reset password link sent out through e-mail remains vali...

7.8CVSS7.5AI score0.00169EPSS
Exploits0References6
OSV
OSV
added 2021/02/17 2:15 p.m.8 views

CVE-2021-22855

The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands...

9.8CVSS7.5AI score0.01969EPSS
Exploits0References2
NVD
NVD
added 2021/02/17 2:15 p.m.28 views

CVE-2021-22855

The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands...

9.8CVSS0.01969EPSS
Exploits0References2
NVD
NVD
added 2021/02/17 2:15 p.m.26 views

CVE-2021-22854

The HR Portal of Soar Cloud System fails to filter specific parameters. Remote attackers can inject SQL syntax and obtain all data in the database without privilege...

7.5CVSS0.01527EPSS
Exploits0References2
NVD
NVD
added 2021/02/17 2:15 p.m.24 views

CVE-2021-22853

The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user’s login information, further causing the login function not to work...

5.5CVSS0.01005EPSS
Exploits0References2
Rows per page
Query Builder