Lucene search
K

14 matches found

Snyk
Snyk
added 2026/06/04 7:27 p.m.2 views

Weak Password Recovery Mechanism for Forgotten Password

Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password in the userrecovery process. An attacker can gain unauthorized access to any admin account by triggering a password recovery for th...

7.6CVSS5.8AI score0.00034EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46852

Summary A low-privilege admin user with user recovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

6.8CVSS5.8AI score
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ublkdrv: A NULL pointer dereference issue was fixed in ublkctrlstartrecovery. When two UBLKCMDSTARTUSERRECOVERY commands are submitted, the first one sets ‘ubq-ubqdaemon’ to NULL, and the second one triggers a WARN in...

5.5CVSS6.3AI score0.00247EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/23 6:43 p.m.19 views

CVE-2026-33688 AVideo has Pre-Captcha User Enumeration and Account Status Disclosure in Password Recovery Endpoint

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the password recovery endpoint at objects/userRecoverPass.php performs user existence and account status checks before validating the captcha. This allows an unauthenticated attacker to enumerate valid usernames a...

5.3CVSS0.00278EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-0829

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00394EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-59876

Malicious code in bioql PyPI...

6.3AI score0.00143EPSS
Exploits0References4
NVD
NVD
added 2025/09/15 3:15 p.m.6 views

CVE-2023-53207

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDENDUSERRECOVERY,...

5.5CVSS0.00143EPSS
Exploits0References3
OSV
OSV
added 2025/09/15 3:15 p.m.6 views

UBUNTU-CVE-2023-53207

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDENDUSERRECOVERY,...

5.5CVSS5.7AI score0.00143EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/09/15 2:21 p.m.10 views

CVE-2023-53207 ublk: fail to recover device if queue setup is interrupted

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDENDUSERRECOVERY,...

0.00143EPSS
Exploits0References3
OSV
OSV
added 2025/09/15 2:21 p.m.4 views

CVE-2023-53207 ublk: fail to recover device if queue setup is interrupted

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDENDUSERRECOVERY,...

5.5CVSS6.1AI score0.00143EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 10:30 p.m.9 views

CVE-2022-32969

MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in order to support the Restore Session feature, aka the Demonic issue...

5.9CVSS6.8AI score0.01448EPSS
Exploits0References1
OSV
OSV
added 2024/09/18 8:15 a.m.1 views

UBUNTU-CVE-2024-46735

In the Linux kernel, the following vulnerability has been resolved: ublkdrv: fix NULL pointer dereference in ublkctrlstartrecovery When two UBLKCMDSTARTUSERRECOVERY commands are submitted, the first one sets 'ubq-ubqdaemon' to NULL, and the second one triggers WARN in ublkqueuereinit and...

5.5CVSS6.5AI score0.00247EPSS
Exploits0References12
Citrix
Citrix
added 2023/05/31 12:0 a.m.11 views

Secure mail stops responding for some users

In some customer environments, SecureMail will occasionally lock up or stop responding. In order to recover, the user needs to reboot his device. Examining SecureMail logs, we observe timeout errors...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/11/18 12:0 a.m.4 views

Moodle Unauthorized Access Vulnerability (CNVD-2020-65138)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a security vulnerability that stems from inappropriate access restrictions in the process when restoring role...

7.5CVSS7AI score0.01588EPSS
Exploits0References1
Rows per page
Query Builder