Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

NVD
NVDadded 2024/06/14 9:15 a.m.13 views

CVE-2024-5996

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits0
Cvelist
Cvelistadded 2024/06/14 8:22 a.m.17 views

CVE-2024-5996

...

Exploits0
CVE
CVEadded 2024/06/14 8:22 a.m.43 views

CVE-2024-5996

The CVE has a rejection note in the Initial Description, but connected data provides concrete details: Soar Cloud HR Portal is affected. The PT-Security entry PT-2024-37301 reports that notification emails from Soar Cloud HR Portal include links with embedded session data and are sent without enc...

8.6AI score
Exploits0
CNNVD
CNNVDadded 2021/04/27 12:0 a.m.2 views

NLnet Labs Unbound 注入漏洞

Unbound is a DNS resolver that supports validation, recursion, and caching features. A configuration injection vulnerability exists in createunboundadservers.sh in versions of Unbound prior to 1.9.5. A man-in-the-middle attacker can exploit this vulnerability to inject configuration via a plainte...

5.9CVSS8.4AI score0.00811EPSS
Exploits0References7
CNNVD
CNNVDadded 2021/03/16 12:0 a.m.4 views

TYPO3 跨站脚本漏洞

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. TYPO3 suffers from an information disclosure vulnerability that stems from user session identifiers being stored in plaintext. No details of the vulnerability are currently available...

7.5CVSS5.6AI score0.00132EPSS
Exploits0References5
CNNVD
CNNVDadded 2020/11/17 12:0 a.m.1 views

TYPO3 加密问题漏洞

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Typo3 Association. Typo3 is vulnerable to a cryptographic issue that stems from storing user session identifiers in plaintext. The vulnerability can be exploited in combination with other issues to...

8.1CVSS7.1AI score0.00177EPSS
Exploits0References4
CNVD
CNVDadded 2017/09/20 12:0 a.m.3 views

Apple iOS Exchange ActiveSync Authentication Vulnerability

Apple iOS is an operating system developed by Apple for mobile devices.Exchange ActiveSync is one of the Microsoft Exchange synchronization protocols. A security vulnerability exists in the Exchange ActiveSync component in versions of Apple iOS prior to 11. A remote attacker can exploit this...

7.1CVSS7.1AI score0.01577EPSS
Exploits0References1
NVD
NVDadded 2016/06/24 5:59 p.m.10 views

CVE-2016-5722

Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network...

7.5CVSS7.1AI score0.00207EPSS
Exploits0References1
OSV
OSVadded 2016/06/24 5:59 p.m.0 views

CVE-2016-5722

Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network...

7.3CVSS5.8AI score
Exploits0References1
Prion
Prionadded 2016/06/24 5:59 p.m.13 views

Design/Logic Flaw

Huawei OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18800 V3, and 18500 V3 before V300R003C10 sends the plaintext session token in the HTTP header, which allows remote attackers to conduct replay attacks and obtain sensitive information by sniffing the network...

7.5CVSS6.8AI score0.00207EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder