7 matches found
EUVD-2025-3980
Malicious code in bioql PyPI...
CVE-2025-24899
reNgine is an automated reconnaissance framework for web applications. A vulnerability was discovered in reNgine, where an insider attacker with any role such as Auditor, Penetration Tester, or Sys Admin can extract sensitive information from other reNgine users. After running a scan and obtainin...
CVE-2025-24899
The CVE concerns reNgine, an automated reconnaissance framework for web apps. A flaw allows an insider with any role (e.g., Auditor, Penetration Tester, Sys Admin) to exfiltrate sensitive data from other reNgine users via a GET request to /api/listVulnerability/ after scanning targets. Affected d...
CVE-2025-24899 Disclosure of Sensitive User Information via API in reNgine
reNgine is an automated reconnaissance framework for web applications. A vulnerability was discovered in reNgine, where an insider attacker with any role such as Auditor, Penetration Tester, or Sys Admin can extract sensitive information from other reNgine users. After running a scan and obtainin...
reNgine Information Disclosure Vulnerability
reNgine is an automated reconnaissance framework for web applications from the individual developer Yogesh Ojha. It focuses on a highly configurable, streamlined reconnaissance process supported by an engine, reconnaissance data correlation and organization, and continuous monitoring, supported by a database and a...
ScreenCheck BadgeMaker Security Vulnerability
ScreenCheck BadgeMaker is a suite of applications from ScreenCheck that allow clients to design, create and manipulate identity badges. A security vulnerability exists in ScreenCheck BadgeMaker version 2.6.2.0, which stems from the presence of an information leak that can be exploited by an insid...
Improper access control
An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 without requiring any sort of authorization or authentication due to the IP-based authorization. If an authorized user has accessed a publicly available B420 product using valid credentials, an...