
6 matches found

OSV
added 2026/01/07 8:0 a.m. | 3 views

CURL-CVE-2025-14524 bearer token leak on cross-protocol redirect

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

CVSS 5.3 | AI score 6.8 | EPSS 0.00611 | Exploits 1
SUSE Linux
added 2025/02/03 8:57 a.m. | 3 views

Security update for rust-keylime

This update for rust-keylime fixes the following issues: Update vendored crates (CVE-2024-43806, bsc1229952, bsc1230029): rustix 0.37.25, rustix 0.38.34, shlex 1.3.0. Update to version 0.2.6+13: Enable test functional/iak-idevid-persisted-and-protected; builddeps: bump uuid from 1.7.0 to 1.10.0; builddep...

CVSS 7.5 | AI score 7.7 | EPSS 0.00949 | Exploits 0 | References 10
Positive Technologies
added 2024/07/31 12:0 a.m. | 1 views

PT-2024-29887

Name of the Vulnerable Software and Affected Versions: Biscuit versions prior to 4. Description: The issue concerns the generation of third-party blocks in Biscuit, an authorization token with decentralized verification. A malicious user can forge a ThirdPartyBlock request, tricking the third-party...

CVSS 6.4 | AI score 6.4 | EPSS 0.00291 | Exploits 0 | References 15
CNNVD
added 2023/10/27 12:0 a.m. | 3 views

Nature Easy Soft Network Technology ZenTao Cross-Site Request Forgery Vulnerability

Nature Easy Soft Network Technology ZenTao is open source project management software from the Chinese company Nature Easy Soft Network Technology (easy soft Tianchuang network technology). The software includes product management, project management, quality management, document management and other...

CVSS 8.8 | AI score 6.8 | EPSS 0.00286 | Exploits 1 | References 2
OSV
added 2021/11/17 11:15 p.m. | 0 views

GHSA-VPFP-5GWQ-G533 Improper Authentication in Apache ShenYu Admin

A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0...

CVSS 9.8 | AI score 7.1 | EPSS 0.40058 | Exploits 2 | References 6
BDU FSTEC
added 2019/08/20 12:0 a.m. | 5 views

The vulnerability of the `tokenUseGlobalStorage` function in the authentication system for web applications in LemonLDAP::NG allows an attacker to compromise data integrity, gain access to confidential data, and cause service interruptions.

The vulnerability of the tokenUseGlobalStorage function in the authentication system for web applications in LemonLDAP::NG is related to insufficient token session verification. Exploiting this vulnerability could allow a malicious actor to compromise data integrity, gain access to confidential...

CVSS 9.8 | AI score 5.5 | EPSS 0.02798 | Exploits 1 | References 6 | Affected Software 2