7 matches found

Vulnrichment
added 2024/09/03 9:21 p.m., 20 views

CVE-2024-45618 Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...

3.9 CVSS, 4 AI score, 0.00116 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2024/09/03 9:20 p.m., 21 views

CVE-2024-45617 Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...

3.9 CVSS, 6.7 AI score, 0.00145 EPSS
Exploits: 0, References: 2

Prion
added 2024/02/12 4:15 p.m., 22 views

Authentication flaw

The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handleauthrequest' and 'hadleloginrequest'. This makes it possible for non authenticated attackers to log in as any existing user on the site,...

7.1 AI score, 0.56304 EPSS
Exploits: 3, References: 1

WPVulnDB
added 2024/01/17 12:0 a.m., 46 views

Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass

Description: The plugin is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handleauthrequest' and 'hadleloginrequest'. This makes it possible for non authenticated attackers to log in as any existing user on the site, such as an...

6.5 AI score, 0.56304 EPSS
Exploits: 3, Affected Software: 1

Huntr
added 2022/01/17 10:9 a.m., 16 views

Improper Access Control in janeczku/calibre-web

Description: With default settings, low-level users will not have permission to create new shelf with public mode. However, due to incorrect checking, the function does not work as intended. Steps To Reproduce: Step 1: Login with admin account and go to http://hostname:8083/admin/user/new. Create...

4 CVSS, 5.2 AI score, 0.00134 EPSS
Exploits: 1

Ubuntu
added 2017/09/04 3:44 p.m., 50 views

USN-3409-1: FontForge vulnerabilities

It was discovered that FontForge was vulnerable to a heap-based buffer over-read. A remote attacker could use a crafted file to DoS or execute arbitrary code. (CVE-2017-11568, CVE-2017-11569, CVE-2017-11572) It was discovered that FontForge was vulnerable to a stack-based buffer overflow. A remote...

7.8 CVSS, 7.2 AI score, 0.00635 EPSS
Exploits: 0

Tenable Nessus
added 2017/03/27 12:0 a.m., 31 views

Virtuozzo 7 : vmauth (VZA-2017-018)

According to the version of the vmauth package installed, the Virtuozzo installation on the remote host is affected by the following vulnerability: Incorrect checking of locked VM accounts in Virtuozzo SDK allowed one to use any password to log in to a VM with such a locked account via a...

5.7 AI score
Exploits: 0, References: 1