16 matches found
EUVD-2025-12235
Malicious code in bioql PyPI...
CVE-2025-42604
This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related...
CVE-2025-42601
This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the Captcha in certain API endpoints. A remote attacker could exploit this vulnerability by intercepting the request and removing the Captcha parameter leading to bypassing the Captcha verification...
CVE-2025-42604 Detailed Error Response Vulnerability in Meon KYC solutions
This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related...
CVE-2025-42604
CVE-2025-42604 affects Meon KYC solutions. The root cause is that debug mode is enabled in certain API endpoints, which an attacker could access to receive unauthorized API responses that disclose detailed system information. The available documents describe the vulnerability as an information di...
CVE-2025-42603
Meon KYC solutions are affected by a data leakage vulnerability where sensitive information is transmitted in plaintext in API response payloads. An authenticated remote attacker could intercept unencrypted data belonging to other users and impersonate the target user to gain unauthorized access....
CVE-2025-42602
CVE-2025-42602 affects Meon KYC solutions. The connected documents describe an improper handling of access and refresh tokens in certain authentication API endpoints, enabling a remote attacker to intercept/manipulate API responses and gain unauthorized access to other user accounts. The vulnerab...
CVE-2025-42601
The CVE-2025-42601 entry concerns Meon KYC solutions with a flaw in server-side Captcha validation in certain API endpoints. The underlying issue is insufficient validation of the Captcha parameter, enabling a remote attacker to intercept a request and remove the Captcha parameter to bypass verif...
CVE-2025-42601 Captcha Bypass Vulnerability in Meon KYC solutions
This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the Captcha in certain API endpoints. A remote attacker could exploit this vulnerability by intercepting the request and removing the Captcha parameter leading to bypassing the Captcha verification...
CVE-2025-42600 Brute Force Attack Vulnerability in Meon KYC solutions
This vulnerability exists in Meon KYC solutions due to missing restrictions on the number of incorrect One-Time Password OTP attempts through certain API endpoints of login process. A remote attacker could exploit this vulnerability by performing a brute force attack on OTP, which could lead to...
CVE-2025-42600
CVE-2025-42600 affects Meon KYC solutions and is tied to missing restrictions on the number of incorrect OTP attempts in certain login API endpoints. The vulnerability allows brute-forcing OTPs and could enable unauthorized access to other user accounts. Documented details consistently describe t...
PT-2025-17614 · Unknown · Meon Kyc Solutions
Name of the Vulnerable Software and Affected Versions: Meon KYC solutions affected versions not specified Description: This issue exists due to the transmission of sensitive data in plain text within the response payloads of certain API endpoints. An authenticated remote attacker could exploit th...
PT-2025-17612 · Unknown · Meon Kyc Solutions
Name of the Vulnerable Software and Affected Versions: Meon KYC solutions affected versions not specified Description: The issue is caused by insufficient server-side validation of the Captcha in certain API endpoints, allowing a remote attacker to bypass the Captcha verification mechanism by...
PT-2025-17611 · Unknown · Meon Kyc Solutions
Name of the Vulnerable Software and Affected Versions: Meon KYC solutions affected versions not specified Description: The issue is caused by missing restrictions on the number of incorrect One-Time Password OTP attempts through certain API endpoints of the login process. A remote attacker could...
PT-2025-17615 · Unknown · Meon Kyc Solutions
Name of the Vulnerable Software and Affected Versions: Meon KYC solutions affected versions not specified Description: The issue exists due to debug mode being enabled in certain API endpoints, allowing a remote attacker to exploit this by accessing unauthorized API endpoints. This leads to...
PT-2025-17613 · Unknown · Meon Kyc Solutions
Name of the Vulnerable Software and Affected Versions: Meon KYC solutions affected versions not specified Description: The issue arises from improper handling of access and refresh tokens in certain API endpoints of the authentication process. A remote attacker could exploit this by intercepting...