Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-12235

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00265EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/25 11:51 p.m.7 views

CVE-2025-42604

This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related...

6.9CVSS6.8AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 4:37 p.m.5 views

CVE-2025-42601

This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the Captcha in certain API endpoints. A remote attacker could exploit this vulnerability by intercepting the request and removing the Captcha parameter leading to bypassing the Captcha verification...

8.2CVSS6.9AI score0.00342EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/23 10:43 a.m.6 views

CVE-2025-42604 Detailed Error Response Vulnerability in Meon KYC solutions

This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related...

6.9CVSS6.8AI score0.00392EPSS
Exploits0References1
CVE
CVE
added 2025/04/23 10:43 a.m.48 views

CVE-2025-42604

CVE-2025-42604 affects Meon KYC solutions. The root cause is that debug mode is enabled in certain API endpoints, which an attacker could access to receive unauthorized API responses that disclose detailed system information. The available documents describe the vulnerability as an information di...

6.9CVSS6.4AI score0.00392EPSS
Exploits0References1
CVE
CVE
added 2025/04/23 10:38 a.m.61 views

CVE-2025-42603

Meon KYC solutions are affected by a data leakage vulnerability where sensitive information is transmitted in plaintext in API response payloads. An authenticated remote attacker could intercept unencrypted data belonging to other users and impersonate the target user to gain unauthorized access....

8.7CVSS6.2AI score0.00265EPSS
Exploits0References1
CVE
CVE
added 2025/04/23 10:36 a.m.54 views

CVE-2025-42602

CVE-2025-42602 affects Meon KYC solutions. The connected documents describe an improper handling of access and refresh tokens in certain authentication API endpoints, enabling a remote attacker to intercept/manipulate API responses and gain unauthorized access to other user accounts. The vulnerab...

8.2CVSS6.7AI score0.00355EPSS
Exploits0References1
CVE
CVE
added 2025/04/23 10:32 a.m.46 views

CVE-2025-42601

The CVE-2025-42601 entry concerns Meon KYC solutions with a flaw in server-side Captcha validation in certain API endpoints. The underlying issue is insufficient validation of the Captcha parameter, enabling a remote attacker to intercept a request and remove the Captcha parameter to bypass verif...

8.2CVSS6.5AI score0.00342EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/23 10:32 a.m.19 views

CVE-2025-42601 Captcha Bypass Vulnerability in Meon KYC solutions

This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the Captcha in certain API endpoints. A remote attacker could exploit this vulnerability by intercepting the request and removing the Captcha parameter leading to bypassing the Captcha verification...

8.2CVSS0.00342EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/23 10:25 a.m.7 views

CVE-2025-42600 Brute Force Attack Vulnerability in Meon KYC solutions

This vulnerability exists in Meon KYC solutions due to missing restrictions on the number of incorrect One-Time Password OTP attempts through certain API endpoints of login process. A remote attacker could exploit this vulnerability by performing a brute force attack on OTP, which could lead to...

8.2CVSS7.3AI score0.00372EPSS
Exploits0References1
CVE
CVE
added 2025/04/23 10:25 a.m.59 views

CVE-2025-42600

CVE-2025-42600 affects Meon KYC solutions and is tied to missing restrictions on the number of incorrect OTP attempts in certain login API endpoints. The vulnerability allows brute-forcing OTPs and could enable unauthorized access to other user accounts. Documented details consistently describe t...

8.2CVSS6.7AI score0.00372EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.6 views

PT-2025-17614 · Unknown · Meon Kyc Solutions

Name of the Vulnerable Software and Affected Versions: Meon KYC solutions affected versions not specified Description: This issue exists due to the transmission of sensitive data in plain text within the response payloads of certain API endpoints. An authenticated remote attacker could exploit th...

8.7CVSS6AI score0.00265EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.4 views

PT-2025-17612 · Unknown · Meon Kyc Solutions

Name of the Vulnerable Software and Affected Versions: Meon KYC solutions affected versions not specified Description: The issue is caused by insufficient server-side validation of the Captcha in certain API endpoints, allowing a remote attacker to bypass the Captcha verification mechanism by...

8.2CVSS6.1AI score0.00342EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.2 views

PT-2025-17611 · Unknown · Meon Kyc Solutions

Name of the Vulnerable Software and Affected Versions: Meon KYC solutions affected versions not specified Description: The issue is caused by missing restrictions on the number of incorrect One-Time Password OTP attempts through certain API endpoints of the login process. A remote attacker could...

8.2CVSS6.1AI score0.00372EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.4 views

PT-2025-17615 · Unknown · Meon Kyc Solutions

Name of the Vulnerable Software and Affected Versions: Meon KYC solutions affected versions not specified Description: The issue exists due to debug mode being enabled in certain API endpoints, allowing a remote attacker to exploit this by accessing unauthorized API endpoints. This leads to...

6.9CVSS6.1AI score0.00392EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.4 views

PT-2025-17613 · Unknown · Meon Kyc Solutions

Name of the Vulnerable Software and Affected Versions: Meon KYC solutions affected versions not specified Description: The issue arises from improper handling of access and refresh tokens in certain API endpoints of the authentication process. A remote attacker could exploit this by intercepting...

8.2CVSS6.4AI score0.00355EPSS
Exploits0References9
Rows per page
Query Builder