
7 matches found

CVE
added 2 days ago | 10 views

CVE-2026-33543

FOSSBilling versions 0.7.2 and earlier expose a guest API endpoint /api/guest/staff/create intended for initial admin bootstrap. A flawed admin-existence check (is_countable() used on a Model_Admin object or null) makes the guard always evaluate true, allowing unauthenticated creation of an admin...

CVSS 9.3 | AI score 5.8 | EPSS 0.00289
Exploits: 0 | References: 2

Github Security Blog
added 2026/05/06 4:59 p.m. | 11 views

Nginx-UI: Unauthenticated First-Run Installer Allows Remote Initial Admin Claim

Summary: An unauthenticated network attacker can claim the initial administrator account on a fresh nginx-ui instance during the first-run setup window. The public /api/install endpoint is reachable without authentication, and the request-encryption flow only protects payload confidentiality in...

CVSS 9.8 | AI score 5.9 | EPSS 0.00346
Exploits: 1 | References: 4 | Affected Software: 1

Vulnrichment
added 2025/08/07 5:22 a.m. | 4 views

CVE-2025-35970

On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the...

CVSS 8.7 | AI score 6.4 | EPSS 0.00418
Exploits: 0 | References: 3

CNNVD
added 2025/08/07 12:0 a.m. | 2 views

FUJIFILM FRONTIER DX400W Security Vulnerability

FUJIFILM FRONTIER DX400W is a compact photo inkjet printer from the Japanese company FUJIFILM. A security vulnerability exists in the FUJIFILM FRONTIER DX400W that stems from the initial administrator password being guessable, which could result in elevated privileges...

CVSS 8.7 | AI score 7.6 | EPSS 0.00418
Exploits: 0 | References: 3

OSV
added 2020/09/10 2:15 p.m. | 2 views

CVE-2020-24739

A CSRF vulnerability was found in the back-end function of iCMS v7.0.0 that deletes administrator accounts. When the CSRFTOKEN is missing, the request is still processed normally, and all administrators except the initial administrator will be deleted...

CVSS 6.5 | AI score 6.5 | EPSS 0.00402
Exploits: 1 | References: 1

RedHat Linux
added 2013/11/12 4:13 p.m. | 4 views

Satellite: Interface to create the initial administrator user remains open after installation

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts...

CVSS 7.5 | AI score 5.9 | EPSS 0.02134
Exploits: 0 | References: 4

RedHat Linux
added 2013/11/12 4:6 p.m. | 4 views

Satellite: Interface to create the initial administrator user remains open after installation

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts...

CVSS 7.5 | AI score 5.9 | EPSS 0.02134
Exploits: 0 | References: 4