CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

151 matches found

RedhatCVE•added 2025/12/05 9:34 p.m.•9 views

CVE-2025-27935

The OTP Integration Kit for PingFederate fails to enforce HTTP method validation and state validation properly. The server advances the authentication state without verifying the OTP, thereby bypassing multi-factor authentication...

8.6CVSS7.1AI score0.00367EPSS

Exploits0References1

EUVD•added 2025/12/04 8:38 p.m.•5 views

EUVD-2025-201281

8.6CVSS6.6AI score0.00367EPSS

Exploits0References3

Positive Technologies•added 2025/12/04 12:0 a.m.•4 views

PT-2025-49136

8.6CVSS7.1AI score0.00367EPSS

Exploits0References3

RedhatCVE•added 2025/10/28 3:4 p.m.•3 views

CVE-2025-26862

Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks...

7AI score0.00312EPSS

Exploits0References1

EUVD•added 2025/10/27 3:30 p.m.•4 views

EUVD-2025-36181

Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks...

6.5AI score0.00312EPSS

Exploits0References3

NVD•added 2025/10/27 3:15 p.m.•4 views

CVE-2025-26862

Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks...

0.00312EPSS

Exploits0References2

CVE•added 2025/10/27 2:39 p.m.•12 views

CVE-2025-26862

CVE-2025-26862 affects Ping Identity PingFederate’s HTML Form Adapter when operating in non-default redirectless mode, where it can render authentication forms unexpectedly. This behavior may enable brute-force login attempts. The issue is described consistently across multiple sources (NVD, Red ...

6.6AI score0.00312EPSS

Exploits0References2

Cvelist•added 2025/10/27 2:39 p.m.•7 views

CVE-2025-26862 PingFederate unexpected browser flow initiation in redirectless mode

Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks...

0.00312EPSS

Exploits0References2

Vulnrichment•added 2025/10/27 2:39 p.m.•7 views

CVE-2025-26862 PingFederate unexpected browser flow initiation in redirectless mode

Unexpected authentication form rendering in HTML Form Adapter using only non-default redirectless mode in PingFederate allows authentication attempts which may enable brute force login attacks...

6.6AI score0.00312EPSS

Exploits0References2

Positive Technologies•added 2025/10/27 12:0 a.m.•3 views

PT-2025-43964

Name of the Vulnerable Software and Affected Versions PingFederate affected versions not specified Description A configuration issue in PingFederate’s HTML Form Adapter, specifically when operating in non-default redirectless mode, can lead to unexpected authentication form rendering. This allows...

6.5AI score0.00312EPSS

Exploits0References4

CNNVD•added 2025/10/27 12:0 a.m.•4 views

Ping Identity PingFederate 安全漏洞

Ping Identity PingFederate is a flagship software-based federation server from US-based Ping Identity, Inc. for identity management. A security vulnerability exists in Ping Identity PingFederate that stems from the HTML Form Adapter accidentally rendering authentication forms in a non-default no...

6.7AI score0.00312EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2014-8326

Malware in sbrugna...

6.4CVSS6.4AI score0.02906EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-43993

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00181EPSS

Exploits0References1