Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Snyk
Snykadded 2026/03/16 3:30 p.m.2 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the comment block modification process. An attacker can alter comments created by other users by leveraging editor permissions without proper authorization checks. Remediation Upgrade...

5.3CVSS5.8AI score0.00042EPSS
Exploits1References2
Snyk
Snykadded 2025/11/27 6:41 p.m.2 views

Incorrect Implementation of Authentication Algorithm

Overview Affected versions of this package are vulnerable to Incorrect Implementation of Authentication Algorithm. An attacker can gain unauthorized access to another user's account by leveraging a specially crafted email address when switching authentication methods and sending a request to the...

9.9CVSS7AI score0.00086EPSS
Exploits0References2
Snyk
Snykadded 2025/11/14 9:30 a.m.1 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the /api/v4/teams/teamid/channels/searcharchived endpoint. An attacker can access information about archived public channels by sending crafted requests as a guest user. Remediation Upgrade...

5.3CVSS6.6AI score0.00039EPSS
Exploits0References2
Snyk
Snykadded 2025/11/14 8:43 a.m.2 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the MSTeams plugin OAuth flow. An attacker can modify arbitrary posts by sending a crafted OAuth redirect URL. Remediation Upgrade...

5.4CVSS6.9AI score0.00045EPSS
Exploits0References2
Snyk
Snykadded 2025/05/15 6:31 p.m.1 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization due to the improper verification of user permissions when accessing groups. An attacker can view unauthorized group information by crafting a malicious API request. Remediation Upgrade...

5.3CVSS6.7AI score0.0017EPSS
Exploits0References2
Snyk
Snykadded 2025/04/22 4:56 p.m.0 views

Exposure of Sensitive Information Through Metadata

Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata when executing the UpdateChannelBookmark function, due to improper handling of user permissions. By creating a bookmark referencing a deleted file, an attacker can expose metadata from...

4.3CVSS6.8AI score0.00095EPSS
Exploits0References3
seebug.org
seebug.orgadded 2008/10/07 12:0 a.m.15 views

asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerabilities

No description provided by source. =========================================================================================== o asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerability Software : asiCMS version alpha 0.208 Vendor : http://asicms.sourceforge.net/ Download :...

7.1AI score
Exploits0
Rows per page
Query Builder