3 matches found
CVE-2026-40303
zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, endpoints.GetSessionCookie parses an attacker-supplied cookie chunk count and calls make([]string, count) with no upper bound before any token validation occurs. The function is reached on every request t...
GHSA-6WQP-7G94-F69J sensiolabs/connect has a Cross-Site Request Forgery Vulnerability
Versions of sensiolabs/connect prior to 4.2.3 are affected by a Cross-Site Request Forgery (CSRF) vulnerability due to the absence of the state parameter in OAuth requests. The lack of proper state parameter handling exposes applications to CSRF attacks during the OAuth authentication flow...
Coinbase: Coinbase Android Security Vulnerabilities
My name is Bryan Stern and I am an Android Software Engineer. Last night I took another look at your Android application and found some disturbing vulnerabilities that could allow for a user's account to be hijacked. Fortunately, they are very easy to resolve. Below I have outlined the issue, gave...