7 matches found

OSV
added 2025/10/17 2:54 p.m., 1 views

OESA-2025-2431 google-oauth-java-client security update

Written by Google, the Google OAuth Client Library for Java is a powerful and easy-to-use Java library for the OAuth 1.0a and OAuth 2.0 authorization standards. The Google OAuth Client Library for Java is designed to work with any OAuth service on the web, not just with Google APIs. It is built o...

CVSS 8.7 | AI score 6.9 | EPSS 0.00055
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-1221

Malicious code in bioql PyPI...

CVSS 8.7 | AI score 7.1 | EPSS 0.00055
Exploits: 0 | References: 10
Patchstack
added 2025/02/28 11:18 p.m., 2 views

WordPress IP2Location Redirection plugin <= 1.33.3 - Missing Authorization to Unauthenticated Settings Export vulnerability

Missing Authorization to Unauthenticated Settings Export vulnerability discovered by Krzysztof Zając in WordPress Plugin IP2Location Redirection versions <= 1.33.3...

CVSS 5.3 | AI score 7 | EPSS 0.00173
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2024/04/09 3:11 p.m., 0 views

GHSA-HW42-3568-WJ87 google-oauth-java-client improperly verifies cryptographic signature

Summary: The vulnerability impacts only users of the IdTokenVerifier class. The verify method in IdTokenVerifier does not validate the signature before verifying the claims, e.g., iss, aud, etc. Signature verification makes sure that the token's payload comes from valid provider, not from someone...

CVSS 7.3 | AI score 6.8 | EPSS 0.00055
Exploits: 0 | References: 5
OSV
added 2022/05/04 12:0 a.m., 0 views

GHSA-XH97-72WW-2W58 Duplicate Advisory: Improper Verification of Cryptographic Signature in google-oauth-java-client

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-hw42-3568-wj87. This link is maintained to preserve external references. Summary: The vulnerability impacts only users of the IdTokenVerifier class. The verify method in IdTokenVerifier does not validate the...

CVSS 7.3 | AI score 7 | EPSS 0.00055
Exploits: 0 | References: 4
Debian CVE
added 2022/05/03 3:45 p.m., 42 views

CVE-2021-22573

The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. An attacker can provide a compromised token with custom payload. The token will pass the validation ...

CVSS 8.7 | AI score 7.8 | EPSS 0.00055
Exploits: 0
Exploit DB
added 2009/04/22 12:0 a.m., 27 views

DirectAdmin 1.33.3 - '/CMD_DB' Backup Action Insecure Temporary File Creation

source: https://www.securityfocus.com/bid/34676/info DirectAdmin creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic link attacks to overwrite arbitrary attacker-specified files. This could facilitate a complete...

AI score 7.4
Exploits: 0