
9 matches found

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2007-2712

Malware in sbrugna...

CVSS 4.3 · AI score 6.4 · EPSS 0.00465
Exploits 0 · References 6
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-49797

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 6.5 · EPSS 0.00338
Exploits 0 · References 3
Positive Technologies
added 2025/04/24 12:0 a.m. · 2 views

PT-2025-17857 · Unknown · Codeastro Bus Ticket Booking System

Name of the Vulnerable Software and Affected Versions: Codeastro Bus Ticket Booking System version 1.0. Description: Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attacker can...

CVSS 8 · AI score 6.3 · EPSS 0.00149
Exploits 1 · References 10
RedhatCVE
added 2025/04/14 7:4 a.m. · 12 views

CVE-2025-3292

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the userregistrationupdateprofiledetails due to missing validation on the 'userid' use...

CVSS 4.3 · AI score 7.2 · EPSS 0.00219
Exploits 0 · References 1
RedhatCVE
added 2025/02/05 4:33 a.m. · 6 views

CVE-2024-9215

The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors plugin for WordPress is vulnerable to Insecure Direct Object Reference to Privilege Escalation/Account Takeover in all versions up to, and including, 4.7.1 via the actioneditedauthor due to missing...

CVSS 8.8 · AI score 8.7 · EPSS 0.00338
Exploits 0 · References 1
Cvelist
added 2024/11/13 3:20 a.m. · 17 views

CVE-2024-10174 WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts <= 2.6.13 - Insecure Direct Object Reference to Unauthenticated Authorization Bypass

The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.6.13 via the 'AbstractPermission' class due to missing validation on the 'useri...

CVSS 7.3 · EPSS 0.00309
Exploits 0 · References 3
Nmap
added 2016/12/08 9:17 p.m. · 253 views

tso-enum NSE Script

TSO User ID enumerator for IBM mainframes z/OS. The TSO logon panel tells you when a user ID is valid or invalid with the message: IKJ56420I Userid not authorized to use TSO. The TSO logon process can work in two ways: 1 You get prompted with IKJ56700A ENTER USERID - to which you reply with the...

CVSS 10 · AI score 9.3 · EPSS 0.94176
Exploits 33
Kitploit
added 2014/02/06 12:38 a.m. · 39 views

[Racfsnow] Password cracker for RACF (IBM mainframe)

RACFSNOW is a highly optimised PC program for performing a dictionary attack against a RACF database, with the option of using a database unload (IRRDBU00) to validate the User IDs to attack. It uses an ini file to control various parameters to enable focusing the attack on certain user IDs and/or...

AI score 7.3
Exploits 0
securityvulns
added 2003/05/05 12:0 a.m. · 20 views

Key validity bug in GnuPG 1.2.1 and earlier

As part of the development of GnuPG 1.2.2, a bug was discovered in the key validation code. This bug causes keys with more than one user ID to give all user IDs on the key the amount of validity given to the most-valid key. This bug does not impact any key with only one user ID. Photo IDs "user...

AI score 0.7
Exploits 0