Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2017-17941

Malware in sbrugna...

9.3CVSS8.2AI score0.0731EPSS
Exploits0References2
OSV
OSVadded 2025/08/11 5:24 p.m.4 views

GO-2025-3840 Hashicorp Vault has Lockout Feature Authentication Bypass in github.com/hashicorp/vault

Hashicorp Vault has Lockout Feature Authentication Bypass in github.com/hashicorp/vault...

5.3CVSS7.2AI score0.00381EPSS
Exploits0References3
OSV
OSVadded 2025/08/01 6:31 p.m.3 views

GHSA-QGJ7-FMQ2-6CC4 Hashicorp Vault has Lockout Feature Authentication Bypass

Vault and Vault Enterprise’s “Vault” user lockout feature could be bypassed for Userpass and LDAP authentication methods. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23...

5.3CVSS6.4AI score0.00381EPSS
Exploits0References3
Veracode
Veracodeadded 2023/12/15 6:32 a.m.28 views

Cleartext Storage Of Sensitive Information

oic-auth is vulnerable to Cleartext Storage of Sensitive Information. The vulnerability is due to a password of a local user account stored in plain text. This password is used as an anti-lockout feature. An attacker with access to jenkins controller file system can recover this password and like...

6.7CVSS6.9AI score0.00286EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2023/12/13 6:15 p.m.24 views

Format string

Jenkins OpenId Connect Authentication Plugin 2.6 and earlier stores a password of a local user account used as an anti-lockout feature in a recoverable format, allowing attackers with access to the Jenkins controller file system to recover the plain text password of that account, likely gaining...

4CVSS7AI score0.00286EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/06/08 5:15 p.m.2 views

CVE-2022-28386

An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for lockout e.g., requiring a reformat of the drive after 20 failed unlock attempts does not work as specified. More than 20 attempts may be made. This affects Keypad Secure USB 3.2 Gen 1 Drive Part Number...

4.6CVSS5.8AI score0.00487EPSS
Exploits1References9
RedHat Linux
RedHat Linuxadded 2021/09/14 12:37 p.m.2 views

keycloak: Brute force attack is possible even after the account lockout

A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality...

7.5CVSS5.7AI score0.00661EPSS
Exploits0References4
CISA
CISAadded 2016/01/19 12:0 a.m.9 views

IRS Releases Ninth Security Tip

The Internal Revenue Service IRS has released the ninth in a series of tips intended to help the public protect personal and financial data online and at home. This tip describes new procedures taken by the IRS, state governments, and the tax industry to provide a safer, more secure filing...

6.9AI score
Exploits0References1
Rows per page
Query Builder