Lucene search

7 matches found

ATTACKERKB
added 2026/04/28 5:9 p.m. | 1 views

CVE-2026-5794

A vulnerability affecting the detailed versions of Cryptobox allows a legitimate user to prevent another to login by triggering an account lockout via sending a specially crafted request...

CVSS 7.1 | AI score 5.2 | EPSS 0.00057
Exploits: 0 | References: 2

NVD
added 2026/02/05 4:15 p.m. | 5 views

CVE-2025-68722

Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery CSRF vulnerability in the WebAdmin interface through improper handling of the s breadcrumb parameter. The application accepts state-changing requests via the GET method and automatically processes...

CVSS 8.8 | EPSS 0.00035
Exploits: 1 | References: 3

NVD
added 2025/10/31 9:15 a.m. | 3 views

CVE-2025-30189

When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted...

CVSS 7.4 | EPSS 0.00011
Exploits: 0 | References: 3

OSV
added 2025/08/05 11:15 p.m. | 5 views

CVE-2025-8573

Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concrete CMS security team gave this...

CVSS 4.8 | AI score 6
Exploits: 0 | References: 2

OSV
added 2024/06/11 12:15 p.m. | 0 views

CVE-2024-35211

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server, after a successful login, sets the session cookie on the browser, without applying any security attributes such as “Secure”, “HttpOnly”, or “SameSite”...

CVSS 6.8 | AI score 7
Exploits: 0 | References: 1

RedHat Linux
added 2019/01/10 9:4 a.m. | 4 views

jenkins: forced migration of user records (SECURITY-1072)

A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into...

CVSS 8.2 | AI score 5.8 | EPSS 0.0621
Exploits: 1 | References: 4

Japan Vulnerability Notes
added 2011/08/16 7:44 a.m. | 1 views

Aipo vulnerable to SQL injection

Overview Aipo contains a SQL injection vulnerability. Aipo from Aimluck, Inc. is groupware including functions such as scheduler and intra-office blogging. Aipo contains a SQL injection vulnerability. Tsuyoshi Yamaguchi of Digiplate, inc. reported this vulnerability to IPA. JPCERT/CC coordinated...

CVSS 7.5 | AI score 7.6 | EPSS 0.00354
Exploits: 0 | References: 5