Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CVE
CVEadded 2024/11/01 9:21 p.m.51 views

CVE-2024-9191

The CVE concerns Okta Verify on Windows where the Device Access feature exposes the OktaDeviceAccessPipe, enabling a compromised device user to retrieve passwords for Desktop MFA passwordless logins. Affected component: Okta Verify agent for Windows with Okta Device Access passwordless feature en...

7.8CVSS6.9AI score0.00237EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2024/11/01 9:21 p.m.11 views

CVE-2024-9191

The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vulnerability was discovered via routine...

7.1CVSS6.9AI score0.00237EPSS
Exploits0References2
The Hacker News
The Hacker Newsadded 2022/05/05 1:43 p.m.19 views

Google to Add Passwordless Authentication Support to Android and Chrome

Google today announced plans to implement support for passwordless logins in Android and the Chrome web browser to allow users to seamlessly and securely sign in across different devices and websites irrespective of the platform. "This will simplify sign-ins across devices, websites, and...

0.1AI score
Exploits0
OSV
OSVadded 2021/03/17 6:15 a.m.4 views

DEBIAN-CVE-2017-20002

The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH hence bypassing PAM's nulloksecure configuration. Thi...

7.8CVSS7.3AI score0.00052EPSS
Exploits1References1
ThreatPost
ThreatPostadded 2019/02/25 2:17 p.m.88 views

Google Ditches Passwords in Latest Android Devices

Half of all Android users can now log into apps and websites on their devices – without having to remember a cumbersome password. On Monday, Google and the Fast IDentity Online FIDO Alliance announced that devices running Android 7 or later are certified by the FIDO2 standard, meaning that users...

0.3AI score
Exploits0References7
Wired Threat Level
Wired Threat Leveladded 2019/02/25 11:0 a.m.66 views

Android Is Helping Kill Passwords on a Billion Devices

By officially certifying the FIDO2 standard, the mobile OS will soon allow logins to sites and services without having to put in a password...

3.2AI score
Exploits0
OSV
OSVadded 2018/05/01 5:29 p.m.0 views

UBUNTU-CVE-2017-18264

An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg'Servers'$i'AllowNoPassword' = false are bypassed under certain PHP versions e.g., version 5. This can allow the login of users who have no...

9.8CVSS7.3AI score0.00305EPSS
Exploits0References6
OSV
OSVadded 2007/09/21 12:0 a.m.24 views

DSA-1376-1 kdebase - programming error

Bulletin has no description...

6.8CVSS5.9AI score0.00155EPSS
Exploits0
Rows per page
Query Builder