Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2025/05/22 8:38 p.m.22 views

CVE-2025-48372 Schule Has Insecure OTP Length, is Susceptible to Brute-Force Attacks

Schule is open-source school management system software. The generateOTP function generates a 4-digit numeric One-Time Password OTP. Prior to version 1.0.1, even if a secure random number generator is used, the short length and limited range 1000–9999 results in only 9000 possible combinations...

8.7CVSS0.00299EPSS
Exploits0References2
Debian
Debianadded 2025/04/08 7:35 a.m.13 views

[SECURITY] [DLA 4120-1] libnet-easytcp-perl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4120-1 [email protected] https://www.debian.org/lts/security/ Andrej Shadura April 08, 2025 https://wiki.debian.org/LTS -...

5.4CVSS6.8AI score0.00231EPSS
Exploits0
CNNVD
CNNVDadded 2023/06/07 12:0 a.m.2 views

WordPress Plugin Page Builder: KingComposer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Page Builder: KingComposer...

8.8CVSS8AI score0.00227EPSS
Exploits1References5
OSV
OSVadded 2021/04/06 5:22 p.m.15 views

GHSA-W3HJ-WR2Q-X83G Discovery uses the same AES/GCM Nonce throughout the session

Discovery uses the same AES/GCM Nonce throughout the session though it should be generated on per message basis which can lead to the leaking of the session key. As the actual ENR record is signed with a different key it is not possible for an attacker to alter the ENR record. Note that the node...

5.3CVSS5.2AI score0.00543EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2016/07/25 12:0 a.m.35 views

Debian DSA-3627-1 : phpmyadmin - security update

Several vulnerabilities have been fixed in phpMyAdmin, the web-based MySQL administration interface. - CVE-2016-1927 The suggestPassword function relied on a non-secure random number generator which makes it easier for remote attackers to guess generated passwords via a brute-force approach. -...

7.5CVSS6.2AI score0.02778EPSS
Exploits0References28
NVD
NVDadded 2016/07/02 2:59 p.m.7 views

CVE-2016-0391

The IBM Watson Developer Cloud services on Bluemix platforms do not properly generate random numbers for service-instance credentials, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...

9.8CVSS9.2AI score0.00861EPSS
Exploits0References1
ThreatPost
ThreatPostadded 2014/07/21 10:30 a.m.6 views

EFF Releases Open Wireless Router Firmware

The EFF is working on an open wireless router firmware that’s designed to be a secure and flexible alternative to the existing software that runs on home and small business routers, much of which is notoriously insecure. The Open Wireless Router project, which the organization announced at the HO...

6.5AI score
Exploits0References5
Rows per page
Query Builder