Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Github Security Blog
Github Security Blogadded 2026/04/10 9:31 p.m.11 views

Temporal does not enforce authentication and authorization for the streaming AdminService/StreamWorkflowReplicationMessages endpoint

The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce authentication and authorization, but the streaming AdminService/StreamWorkflowReplicationMessages endpoint accepted requests...

6.3CVSS5.8AI score0.00037EPSS
Exploits0References5Affected Software1
OSV
OSVadded 2026/03/19 4:43 p.m.1 views

GHSA-PW4V-X838-W5PG AVideo has an Authorization Bypass via Path Traversal in HLS Endpoint Allows Streaming Private/Paid Videos

Summary The HLS streaming endpoint view/hls.php is vulnerable to a path traversal attack that allows an unauthenticated attacker to stream any private or paid video on the platform. The videoDirectory GET parameter is used in two divergent code paths — one for authorization which truncates at the...

7.5CVSS5.8AI score0.00074EPSS
Exploits1References4
GithubExploit
GithubExploitadded 2023/05/24 4:9 a.m.4 views

Exploit for Missing Authentication for Critical Function in Ic Realtime_Icip-P2012T_Firmware

CVE-2023-31594 IC Realtime ICIP-P2012T is vulnerable to Incorr...

7.5CVSS8.1AI score0.00783EPSS
Exploits2
Rows per page
Query Builder