
7 matches found

Cvelist
added 2026/02/24 8:51 a.m., 19 views

CVE-2024-1524 A local user can be impersonated when using federated authentication with Silent JIT Provisioning.

When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider (IDP), there is a risk that a local user store user's information may be replaced during the account provisioning process in cases where federated users share the same username as local users. There will...

CVSS 7.7, EPSS 0.00261
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-30912

Malicious code in bioql PyPI...

CVSS 3.8, AI score 6.6, EPSS 0.00204
Exploits: 0, References: 2
RedhatCVE
added 2025/09/25 2:54 a.m., 6 views

CVE-2025-0672

An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may...

CVSS 3.3, AI score 6.8, EPSS 0.00204
Exploits: 0, References: 1
NVD
added 2025/09/23 6:15 p.m., 3 views

CVE-2025-0672

An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication is enabled. When a user account is deleted, the system does not automatically remove associated FIDO registration data. If a new user account is later created using the same username, the system may...

CVSS 3.8, EPSS 0.00204
Exploits: 0, References: 1
Huntr
added 2022/09/04 1:17 p.m., 15 views

Multiple user accounts via same email and username

Description Nakama console does not validate uppercase/lowercase letters when creating a new user. This can be abused to create multiple user accounts with same email and username. Proof of Concept HTTP Request 1 request POST /v2/console/user HTTP/1.1 Host: 192.168.1.16:7351 Authorization: Bearer...

AI score 7
Exploits: 0
Hacker One
added 2020/04/16 4:17 a.m., 15 views

DRIVE.NET, Inc.: [www.drive2.ru] Insufficient Security Configurability - The user can using the same password as your current ID.

The current username and password can be set the same, making it easy to guess the password. As a weak password policy issue, The current username and password can be set the same, making it easy to guess the password. |Technical severity|VRT category| Specific vulnerability name|Variant / Affect...

AI score 1.8
Exploits: 0
Cloud Foundry
added 2018/12/10 12:0 a.m., 27 views

CVE-2018-15754: UAA issues tokens across identity providers if users with matching usernames exist | Cloud Foundry

Severity Medium Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions UAA all versions in v60.x, v61.x, v62.x, v63.x, v64.x Description Cloud Foundry UAA, all versions in v60.x, v61.x, v62.x, v63.x, and v64.x contain an authorization logic error. In environments with multip...

AI score 8.2, EPSS 0.01782
Exploits: 0