Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

EUVD
EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-4101

Malware in sbrugna...

5CVSS6.4AI score0.01352EPSS
Exploits0References5
EUVD
EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-6263

Malicious code in bioql PyPI...

8.2CVSS6.6AI score0.00055EPSS
Exploits0References1
EUVD
EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2022-0533

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00146EPSS
Exploits0References8
RedhatCVE
RedhatCVE•added 2025/05/23 3:38 a.m.•4 views

CVE-2023-28862

An issue was discovered in LemonLDAP::NG before 2.16.1. Weak session ID generation in the AuthBasic handler and incorrect failure handling during a password check allow attackers to bypass 2FA verification. Any plugin that tries to deny session creation after the store step does not deny an...

9.8CVSS6.9AI score0.00075EPSS
Exploits1References1
RedhatCVE
RedhatCVE•added 2025/05/22 8:4 a.m.•4 views

CVE-2019-11576

Gitea before 1.8.0 allows 1FA for user accounts that have completed 2FA enrollment. If a user's credentials are known, then an attacker could send them to the API without requiring the 2FA one-time password...

9.8CVSS6.7AI score0.00397EPSS
Exploits0References1
OpenVAS
OpenVAS•added 2025/05/20 12:0 a.m.•10 views

Nextcloud Server Session Handling Vulnerability (GHSA-9h3w-f3h4-qqrh)

Nextcloud Server is prone to a session handling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.4CVSS6.9AI score0.00078EPSS
Exploits0References1
RedhatCVE
RedhatCVE•added 2025/04/29 8:45 p.m.•14 views

CVE-2025-3910

A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing users to circumvent requirements such as setting up two-factor authentication. Mitigation No current mitigations are available for this vulnerability...

5.4CVSS5.3AI score0.00087EPSS
Exploits0References3
GithubExploit
GithubExploit•added 2025/02/14 1:42 p.m.•375 views

Exploit for Missing Authentication for Critical Function in Really-Simple-Plugins Really_Simple_Security

WordPress CVE-2024-10924 Exploit 📌 Overview This repository...

9.8CVSS7.5AI score0.93889EPSS
Exploits21
Hacker One
Hacker One•added 2024/05/01 9:22 p.m.•19 views

HackerOne: Two-factor authentication bypass lead to information disclosure about the program and all hackers participate

Vulnerability description not provided...

7.1AI score
Exploits0
NVD
NVD•added 2020/02/13 7:15 p.m.•14 views

CVE-2014-4198

A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function...

9.1CVSS9.1AI score0.00282EPSS
Exploits1References1
ThreatPost
ThreatPost•added 2014/06/25 11:39 a.m.•20 views

Flaw Lets Attackers Bypass PayPal Two-Factor Authentication

There’s a vulnerability in the way that PayPal handles certain requests from mobile clients that can allow an attacker to bypass the two-factor authentication mechanism for the service and transfer money from a victim’s account to any recipient he chooses. The flaw lies in the way that the PayPal...

7.4AI score
Exploits0References1
Rows per page
Query Builder