CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

93 matches found

NVD•added 2026/06/16 12:16 p.m.•9 views

CVE-2026-12225

syracom AG Secure Login 2FA for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnerability. An attacker with valid credentials for a user account can bypass the two-factor authentication flow by sending HTTP requests with a crafted User-Agent header containi...

8.7CVSS0.00481EPSS

Exploits0References5

Cvelist•added 2026/06/16 11:20 a.m.•27 views

CVE-2026-12225 syracom Secure Login (2FA) for Confluence allows 2FA bypass via spoofed User-Agent

8.7CVSS0.00481EPSS

Exploits0References4

EUVD•added 2026/06/16 11:20 a.m.•6 views

EUVD-2026-37066

8.7CVSS5.5AI score0.00481EPSS

Exploits0References4

CVE•added 2026/06/16 11:20 a.m.•20 views

CVE-2026-12225

CVE-2026-12225 affects syracom Secure Login (2FA) for Atlassian Jira, Confluence and Bitbucket (v3.4.0.x). The vulnerability enables an authentication bypass: an attacker with valid credentials can bypass 2FA by sending requests with a crafted User-Agent (e.g., AtlassianMobileApp, JIRA), allowing...

8.7CVSS5.6AI score0.00481EPSS

Exploits0References5

Positive Technologies•added 2026/06/16 12:0 a.m.•7 views

PT-2026-49655

Name of the Vulnerable Software and Affected Versions syracom AG Secure Login 2FA for Atlassian Jira, Confluence, and Bitbucket versions 3.4.0.x Description An authentication bypass exists where an attacker with valid user credentials can circumvent the two-factor authentication 2FA flow. By...

8.7CVSS6AI score0.00481EPSS

Exploits0References8

RedhatCVE•added 2026/01/13 10:53 p.m.•4 views

CVE-2025-67147

Multiple SQL Injection vulnerabilities exist in amansuryawanshi Gym-Management-System-PHP 1.0 via the 'name', 'email', and 'comment' parameters in 1 submitcontact.php, the 'username' and 'passkey' parameters in 2 securelogin.php, and the 'loginid', 'pwfield', and 'loginkey' parameters in 3...

9.8CVSS8.7AI score0.00345EPSS

Exploits0References1

Fedora•added 2026/01/13 1:13 a.m.•9 views

[SECURITY] Fedora 42 Update: openssh-9.9p1-12.fc42

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

3.6CVSS7.3AI score0.00221EPSS

Exploits2

CNNVD•added 2026/01/12 12:0 a.m.•4 views

GYM-MANAGEMENT-SYSTEM 安全漏洞

GYM-MANAGEMENT-SYSTEM is a gym management system by Abhishek S Individual Developer. A security vulnerability exists in GYM-MANAGEMENT-SYSTEM version 1.0, which stems from the name, email, and comment parameters in submitcontact.php, username and passkey parameters in securelogin.php, and changes...

9.8CVSS7.7AI score0.00345EPSS

Exploits0References2

CVE•added 2026/01/12 12:0 a.m.•11 views

CVE-2025-67147

CVE-2025-67147 affects Gym-Management-System-PHP 1.0. Multiple SQL injection flaws exist in submit_contact.php (name, email, comment), secure_login.php (username, pass_key), and change_s_pwd.php (login_id, pwfield, login_key). Attackers can bypass authentication, run arbitrary SQL commands, modif...

9.8CVSS8.3AI score0.00345EPSS

Exploits0References1

Positive Technologies•added 2026/01/12 12:0 a.m.•4 views

PT-2026-2302

Name of the Vulnerable Software and Affected Versions Gym-Management-System-PHP version 1.0 Description The application contains multiple SQL Injection flaws. An attacker, whether authenticated or not, can potentially bypass authentication, execute arbitrary SQL commands, modify database records,...

9.8CVSS8.2AI score0.00345EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-6799

Malware in sbrugna...

7.5CVSS6.4AI score0.03631EPSS

Exploits1References10

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2009-1893

Malware in sbrugna...

5CVSS6.3AI score0.01442EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2012-4418

Malware in sbrugna...

5.8CVSS6.4AI score0.01481EPSS

Exploits1References8

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2006-6798

Malware in sbrugna...

6CVSS6.4AI score0.00924EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-24439

Malware in sbrugna...

7.5CVSS7.6AI score0.01596EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-27059

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00448EPSS

Exploits1References1

OpenVAS•added 2025/08/18 12:0 a.m.•5 views

Fedora: Security Advisory (FEDORA-2025-502faa722e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.5AI score0.00313EPSS

Exploits0References19

RedhatCVE•added 2025/05/23 7:40 a.m.•9 views

CVE-2024-48942

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidation endpoint. The last 30 and the next 30 tokens are valid...

9.1CVSS5.8AI score0.00453EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:40 a.m.•5 views

CVE-2024-48941

The Syracom Secure Login 2FA plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucket. In the default configuration, /rest is allowlisted...

9.1CVSS7.2AI score0.00336EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 3:16 a.m.•1 views

CVE-2023-22958

The Syracom Secure Login plugin before 3.1.1.0 for Jira may allow spoofing of 2FA PIN validation via the plugins/servlet/twofactor/public/pinvalidation target parameter...

6.1CVSS6.9AI score0.00448EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by