Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

168 matches found

UbuntuCve
UbuntuCveadded 2026/05/25 9:16 p.m.8 views

CVE-2026-43828

Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected...

6.5CVSS5.8AI score0.00024EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/25 8:19 p.m.7 views

EUVD-2026-31734

Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected...

5.9CVSS5.8AI score0.00024EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2026/05/25 8:19 p.m.7 views

CVE-2026-43828

Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected...

6.5CVSS5.8AI score0.00024EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2026/05/25 8:19 p.m.8 views

CVE-2026-43828 Apache Shiro: Shiro's native session and rememberMe cookies do not have secure flag set by default

Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected...

5.9CVSS5.8AI score0.00024EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.10 views

PT-2026-43119

Name of the Vulnerable Software and Affected Versions Apache Shiro versions 1.0 through 2.1.0 Apache Shiro version 3.0.0-alpha-1 Description Default configurations cause the Shiro-native session manager and the Remember-Me manager to send JSESSIONID and rememberMe cookies without the 'Secure'...

6.5CVSS5.8AI score0.00024EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/05/22 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016731)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016731 advisory. In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from...

9.6CVSS6.7AI score0.63828EPSS
Exploits2References4
Packet Storm
Packet Stormadded 2026/05/05 12:0 a.m.42 views

📄 Traccar GPS Tracking System 6.11.1 Cross-Site WebSocket Hijacking

Traccar GPS Tracking System version 6.11.1 cross-site websocket hijacking proof of concept exploit. Exploit Title: Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking CSWSH Date: 2026-02-26 Exploit Author: Hazar Taspinar Vendor Homepage: https://www.traccar.org/ Software Link:...

7.1CVSS5.7AI score0.00112EPSS
Exploits4
CVE
CVEadded 2026/02/23 8:44 p.m.13 views

CVE-2025-68930

Traccar open-source GPS tracking system versions up to 6.11.1 are affected by a Cross-Site WebSocket Hijacking (CSWSH) in the /api/socket endpoint. The vulnerability arises from the application not validating the Origin header during the WebSocket handshake, allowing an attacker to bypass Same-Or...

7.1CVSS5.5AI score0.00112EPSS
Exploits4References1Affected Software1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2020-7882

Malware in sbrugna...

4.7CVSS5AI score0.00358EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-18250

Malware in sbrugna...

9.8CVSS9.2AI score0.00377EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2018-7086

Malware in sbrugna...

7.5CVSS7.6AI score0.00441EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-25058

Malware in sbrugna...

8.1CVSS8.1AI score0.00255EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2015-8352

Malware in sbrugna...

6.5CVSS6.6AI score0.00308EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2016-4676

Malware in sbrugna...

8CVSS8.2AI score0.01486EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2017-9242

Malware in sbrugna...

8.1CVSS8.1AI score0.00509EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2013-4473

Malware in sbrugna...

5CVSS6.2AI score0.0025EPSS
Exploits2References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2010-0782

Malware in sbrugna...

5.8CVSS6.4AI score0.00694EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-7881

Malware in sbrugna...

8.8CVSS8.6AI score0.01403EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2001-1522

Malware in sbrugna...

5CVSS6.4AI score0.00387EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2010-0248

Malware in sbrugna...

5.8CVSS6.4AI score0.00694EPSS
Exploits1References6
Rows per page
Query Builder