7 matches found
EUVD-2025-28142
Malicious code in bioql PyPI...
CVE-2025-48066
CVE-2025-48066 affects wire-webapp; a regression stopped the client from deleting local data on logout for both public and regular clients. Data could remain on the device, and in some cases encryption-at-rest cryptographic material could not be exported. The issue was fixed in wire-webapp versio...
Session is still valid after changing password
Description: The application does not delete the old login session on the server side after changing the password. This poses a risk when a user uses a public computer and an attacker captures the login session. Even if the user has changed the password, the login session is still taken over by th...
Twitter Warns Developers of API Bug That Exposed App Keys, Tokens
Twitter developers are being warned of a security bug that may have exposed their applications’ credential information – including sensitive application keys and access tokens. The issue stemmed from a caching issue in developer.twitter.com. When developers visited this website, it temporarily...
Tips for safe summer travels: your cybersecurity checklist
Summer is just around the corner in the Northern Hemisphere, and with it comes vacation plans for many. Those looking to take some time away from work and home are likely making plans to secure their home, have their pets taken care of, and tie up loose ends at work. But how about securing your...
Coursera: No Password Verification on Changing Email Address Cause Account takeover
On the coursera.org website, there is no password verification when changing the email ID. Generally, when users try to change the password, they are asked to verify the request by entering the old password. For the same reason, verification should be there when changing the email. But the worst part is, when user...
WakaTime: Lack of Password Confirmation When Changing Email
When any user wants to change the password, the current password is asked for before proceeding with the request. This should also be implemented when changing the email. Attack Scenario: When someone forgets to log out from the account on a public computer, anyone can change the email to their own and verify it. And aft...