
6 matches found

Cvelist
added 2023/12/11 10:42 p.m., 11 views

CVE-2023-49803 @koa/cors has overly permissive origin policy

@koa/cors npm provides Cross-Origin Resource Sharing (CORS) for koa, a web framework for Node.js. Prior to version 5.0.0, the middleware operates in a way that if an allowed origin is not provided, it will return an Access-Control-Allow-Origin header with the value of the origin from the request...

8.6 CVSS, 8.7 AI score, 0.00131 EPSS
Exploits 0, References 2
OSV
added 2023/12/11 9:46 p.m., 22 views

GHSA-QXRJ-HX23-XP82 Overly permissive origin policy

Currently, the middleware operates in a way that if an allowed origin is not provided, it will return an Access-Control-Allow-Origin header with the value of the origin from the request. This behavior completely disables one of the most crucial elements of browsers - the Same Origin Policy (SOP),...

8.6 CVSS, 7.8 AI score, 0.00131 EPSS
Exploits 0, References 4
OSV
added 2023/08/14 5:15 a.m., 2 views

CVE-2023-3266

A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected. An unauthenticated attacker can leverage this vulnerability to log in to the CyberPower PowerPanel Enterprise as an...

9.8 CVSS, 5.8 AI score, 0.00093 EPSS
Exploits 0, References 1
OSV
added 2022/06/02 6:5 p.m., 12 views

CVE-2022-31023 Dev error stack trace leaking into prod in Play Framework

Play Framework is a web framework for Java and Scala. Versions prior to 2.8.16 are vulnerable to generation of error messages containing sensitive information. Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by...

5.9 CVSS, 7.6 AI score, 0.0043 EPSS
Exploits 0, References 5
myhack58
added 2018/12/07 12:0 a.m., 45 views

Kubernetes user privilege elevation vulnerability: exposure to security risks

Recently, a key user privilege elevation vulnerability, CVE-2018-1002105, was found in the open source container software Kubernetes, which is today a fixed component of most cloud infrastructure. This vulnerability can allow an attacker unrestricted remote access, to steal data, or cause...

0.1 AI score, 0.90189 EPSS
Exploits 10
Tenable Nessus
added 2011/05/20 12:0 a.m., 26 views

Adobe Audition Installed

Adobe Audition, an audio and video production application, is installed on the remote Windows host. (C) Tenable Network Security, Inc. include('compat.inc'); if (description) { script_id(54605); script_version("1.9"); script_set_attribute(attribute:"plugin_modification_date", value:"2022/10/10");...

5.5 AI score
Exploits 0, References 1