CVE-2020-11035
In GLPI, CVE-2020-11035 affects versions after 0.83.3 and before 9.4.6, where CSRF tokens are generated using an insecure algorithm (rand, uniqid, MD5). The issue is addressed in version 9.4.6. This vulnerability arises from the token generation mechanism, not from network access details in the p...
glpi -- weak csrf tokens
MITRE Corporation reports: In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6...
CVE-2019-9863
Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm system FUAA50000 3.01.01 and its remote controls FUBE50014 and FUBE50015, an attacker is able to predict valid future rolling codes, and can thus remotely control the alarm system in an unauthorized way...
Insecure Hash Algorithm
Cordova-Plugin-Device is using the insecure hash algorithm MD5. The use of the insecure hash algorithm for system device information allows an attacker to easily predict the value...
CVE-2014-9969
CVE-2014-9969 concerns Qualcomm GPS client cryptography on Android CAF builds using the Linux kernel, where the GPS client may use an insecure cryptographic algorithm. Connected documents corroborate this description (Android/Qualcomm stack). The provided sources do not include concrete patch ver...
OpenSSL Insecure Algorithm Use Vulnerability
OpenSSL is an open source general-purpose cryptographic library that implements the Secure Sockets Layer and Transport Layer Security protocols. A security vulnerability exists in OpenSSL that allows remote attackers to complete the SSLv2 handshake process using disabled SSLv2 encryption...
[DSECRG-08-008] Textpattern 4.0.5 Multiple Security Vulnerabilities
Digital Security Research Group DSecRG Advisory DSECRG-08-008 Application: Txp CMS Versions Affected: 4.0.5 Vendor URL: http://www.textpattern.com Bugs: DOS, multiple XSS, etc. Exploits: YES Reported: 11.01.2008 Vendor response: 14.01.2008 Patch Released: 03.02.2008 Date of Public Advisory:...