Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-1843

Malicious code in bioql PyPI...

8.6CVSS6.6AI score0.00082EPSS
Exploits0References1
OSV
OSVadded 2025/08/14 6:52 p.m.1 views

MAL-2025-9353 Malicious code in @subscription-info/bff (npm)

The package @subscription-info/bff was found to contain malicious code...

7.2AI score
Exploits0
NVD
NVDadded 2025/01/30 11:15 a.m.5 views

CVE-2025-0739

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to show subscription's information of others users by changing the "SUSCBRIPTIONID" param of the endpoint "/demos/embedai/subscriptions/show/"...

8.6CVSS0.00082EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/01/30 11:10 a.m.4 views

CVE-2025-0739 Improper Access Control vulnerability in EmbedAI

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to show subscription's information of others users by changing the "SUSCBRIPTIONID" param of the endpoint "/demos/embedai/subscriptions/show/"...

8.6CVSS8.3AI score0.00082EPSS
Exploits0References1
CVE
CVEadded 2025/01/30 11:10 a.m.43 views

CVE-2025-0739

CVE-2025-0739 affects EmbedAI 2.1 and earlier. The issue is an improper access control that allows an authenticated attacker to disclose subscription information of other users by altering the SUSCBRIPTION_ID parameter in the endpoint /demos/embedai/subscriptions/show/. Affected component: the /d...

8.6CVSS8.3AI score0.00082EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/01/30 11:10 a.m.8 views

CVE-2025-0739 Improper Access Control vulnerability in EmbedAI

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to show subscription's information of others users by changing the "SUSCBRIPTIONID" param of the endpoint "/demos/embedai/subscriptions/show/"...

8.6CVSS0.00082EPSS
Exploits0References1
Metasploit
Metasploitadded 2024/07/03 7:54 p.m.229 views

Azure CLI Credentials Gatherer

This module will collect the Azure CLI 2.0+ az cli settings files for all users on a given target. These configuration files contain JWT tokens used to authenticate users and other subscription information. Once tokens are stolen from one host, they can be used to impersonate the user from a...

7AI score
Exploits0
RedHat Linux
RedHat Linuxadded 2013/02/21 7:4 p.m.49 views

Important: Red Hat Security Advisory: Subscription Asset Manager 1.2 update

Red Hat Subscription Asset Manager 1.2, which fixes several security issues, multiple bugs, and adds various enhancements, is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...

7.5CVSS7.2AI score0.01824EPSS
Exploits3References107
Rows per page
Query Builder