CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

534 matches found

Vulnrichment•added 2025/12/04 8:38 p.m.•2 views

CVE-2025-27935 Authentication Bypass in OTP (One-time Passcode) IdP Adapter Integration Kit

The OTP Integration Kit for PingFederate fails to enforce HTTP method validation and state validation properly. The server advances the authentication state without verifying the OTP, thereby bypassing multi-factor authentication...

8.6CVSS6.7AI score0.00098EPSS

Exploits0References2

Cvelist•added 2025/12/04 8:38 p.m.•20 views

CVE-2025-27935 Authentication Bypass in OTP (One-time Passcode) IdP Adapter Integration Kit

8.6CVSS0.00098EPSS

Exploits0References2

CVE•added 2025/12/04 8:38 p.m.•6 views

CVE-2025-27935

The CVE-2025-27935 issue concerns the OTP Integration Kit for PingFederate. According to connected sources, it fails to enforce HTTP method validation and state validation, allowing the server to advance authentication without verifying the OTP and effectively bypassing multi-factor authenticatio...

8.6CVSS6.7AI score0.00098EPSS

Exploits0References2

CNNVD•added 2025/12/04 12:0 a.m.•1 views

Ping Identity One-Time Passcode Integration Kit for PingFederate 安全漏洞

Ping Identity One-Time Passcode Integration Kit for PingFederate is a suite of software tools and adapters from Ping Identity USA. A security vulnerability exists in Ping Identity One-Time Passcode Integration Kit for PingFederate that stems from not properly validating the HTTP method and state,...

8.6CVSS6.6AI score0.00098EPSS

Exploits0References2

The Hacker News•added 2025/11/26 4:29 a.m.•8 views

FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams

The U.S. Federal Bureau of Investigation FBI has warned that cybercriminals are impersonating financial institutions with an aim to steal money or sensitive information to facilitate account takeover ATO fraud schemes. The activity targets individuals, businesses, and organizations of varied size...

9.8CVSS8.8AI score0.8949EPSS

Exploits22