Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Positive Technologies
Positive Technologiesadded 2023/03/09 12:0 a.m.4 views

PT-2023-21166 · Npm · Nextauth.Js

Name of the Vulnerable Software and Affected Versions: NextAuth.js versions prior to v4.20.1 Description: The issue allows a bad actor to intercept and tamper with the authorization URL, enabling them to log in as the victim and bypass CSRF protection. This occurs due to a partial failure during ...

8.8CVSS8.6AI score0.00538EPSS
Exploits1References13
NVD
NVDadded 2021/05/07 4:15 a.m.18 views

CVE-2021-32099

A SQL injection vulnerability in the pandoraconsole component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chartgenerator.php sessionid parameter, leading to a login bypass...

9.8CVSS0.1139EPSS
Exploits2References3
Gentoo Linux
Gentoo Linuxadded 2005/07/04 12:0 a.m.39 views

WordPress: Multiple vulnerabilities

Background WordPress is a PHP and MySQL based content management and publishing system. Description James Bercegay of the GulfTech Security Research Team discovered that WordPress insufficiently checks data passed to the XML-RPC server. He also discovered that WordPress has several cross-site...

7.5CVSS7AI score0.79071EPSS
Exploits5
Rows per page
Query Builder