Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

Prion
Prionadded 2023/08/17 10:15 p.m.13 views

Design/Logic Flaw

Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in error message when the Dispatch Plugin - Basic Authentication Provider plugin encounters an error when attempting to decode a JWT token. Any Dispatch users...

5CVSS7.6AI score0.00758EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2022/01/13 3:50 p.m.23 views

CVE-2022-23131 Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML

In the case of instances where the SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to...

9.1CVSS10AI score0.95683EPSS
Exploits8References1
Rows per page
Query Builder