Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2023/08/10 7:15 p.m.18 views

CVE-2023-23342

If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented...

7.1CVSS6.5AI score0.00065EPSS
Exploits0References1
Prion
Prionadded 2022/09/23 8:15 a.m.11 views

Authentication flaw

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 4.10.16, or from 5.0.0 to 5.2.6, validation of the authentication adapter app ID for Facebook and Spotify may be circumvented. Configurations which allow users to...

2.6CVSS4.1AI score0.00196EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2018/11/27 2:29 p.m.10 views

Input validation

In System Management Module SMM versions prior to 1.06, if an attacker manages to log in to the device OS, the validation of software updates can be circumvented...

4CVSS6.8AI score0.00219EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2016/02/26 3:8 p.m.5 views

SUSE-SU-2016:0600-1 Security update for rubygem-activesupport-4_1

This update for rubygem-activesupport-41 fixes the following issues: - CVE-2016-0753: Input Validation Circumvention bsc963334 - CVE-2015-7576: Timing attack vulnerability in basic authentication in Action Controller bsc963329...

5.3CVSS5.1AI score0.02328EPSS
Exploits0References5
GitLab Advisory Database
GitLab Advisory Databaseadded 2016/02/15 12:0 a.m.24 views

Possible Input Validation Circumvention

Code that uses Active Model based models including Active Record models and does not validate user input before passing it to the model can be subject to an attack where specially crafted input will cause the model to skip validations. Rails users using Strong Parameters are generally not impacte...

5.3CVSS4.8AI score0.02328EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2016/02/11 4:47 p.m.7 views

SUSE-SU-2016:0435-1 Security update for rubygem-activesupport-4_2

This update for rubygem-activesupport-42 fixes the following issues: - CVE-2015-7576: Timing attack vulnerability in basic authentication in Action Controller bsc963329 - CVE-2016-0753: Input Validation Circumvention bsc963334...

5.3CVSS5.1AI score0.02328EPSS
Exploits0References5
OSV
OSVadded 2016/02/11 10:52 a.m.5 views

SUSE-SU-2016:0432-1 Security update for rubygem-activemodel-4_2

This update for rubygem-activemodel-42 fixes the following issues: - CVE-2016-0753: Input Validation Circumvention bsc963334...

5.3CVSS5.5AI score0.02328EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2016/02/08 12:0 a.m.45 views

openSUSE Security Update : rubygem-actionpack-4_2 / rubygem-actionview-4_2 / rubygem-activemodel-4_2 / etc (openSUSE-2016-159)

This update for rubygem-actionpack-42, rubygem-actionview-42, rubygem-activemodel-42, rubygem-activerecord-42, rubygem-activesupport-42 fixes the following issues : - CVE-2015-7576: Timing attack vulnerability in basic authentication in Action Controller boo963329 - CVE-2016-0752: directory...

7.5CVSS6.1AI score0.90494EPSS
Exploits11References12
Rows per page
Query Builder