Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Github Security Blog
Github Security Blogadded 2026/02/25 6:53 p.m.5 views

Rucio WebUI has Username Enumeration via Login Error Message

Summary The WebUI login endpoint returns distinct error messages depending on whether a supplied username exists, allowing unauthenticated attackers to enumerate valid usernames. Details When submitting invalid credentials to /ui/login, the WebUI responds with different error messages based on th...

5.3CVSS5.6AI score0.00077EPSS
Exploits1References7Affected Software1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2019-13050

Malware in sbrugna...

8.1CVSS8AI score0.00282EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-34052

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00859EPSS
Exploits2References2
RedhatCVE
RedhatCVEadded 2025/05/22 9:35 p.m.5 views

CVE-2021-43271

Riverbed AppResponse 11.8.0, 11.8.5, 11.8.5a, 11.9.0, 11.9.0a, 11.10.0, 11.11.0, 11.11.0a, 11.11.1, 11.11.1a, 11.11.5, and 11.11.5a when configured to use local, RADIUS, or TACACS authentication logs usernames and passwords if either is entered incorrectly. If a user enters an incorrect username...

7.1CVSS7AI score0.00257EPSS
Exploits0
NVD
NVDadded 2025/02/05 6:15 p.m.14 views

CVE-2025-23413

When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.7CVSS0.00095EPSS
Exploits0References1
NVD
NVDadded 2022/06/02 2:15 p.m.10 views

CVE-2022-29729

Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password generation algorithm which generates passwords that are accessible to unauthenticated attackers via the webUI login page...

7.5CVSS0.00859EPSS
Exploits2References2
Prion
Prionadded 2022/06/02 2:15 p.m.11 views

Default credentials

Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password generation algorithm which generates passwords that are accessible to unauthenticated attackers via the webUI login page...

5CVSS7.6AI score0.00859EPSS
Exploits2References2Affected Software1
Cvelist
Cvelistadded 2019/06/11 7:19 p.m.17 views

CVE-2019-3411

All versions up to BDR218V2.4 of ZTE MF920 product are impacted by information leak vulnerability. Due to some interfaces can obtain the WebUI login password without login, an attacker can exploit the vulnerability to obtain sensitive information about the affected components...

8.1CVSS7.4AI score0.00282EPSS
Exploits0References1
Oracle linux
Oracle linuxadded 2013/02/27 12:0 a.m.31 views

ipa security, bug fix and enhancement update

3.0.0-25.el6 - Filter generated winbind dependencies so the right version of samba can be installed. 905594 3.0.0-24.el6 - Add certmonger condrestart to server post scriptlet 903758 - Make certmonger a pre Requires 903758 - Add selinux-policy to Requirespre to avoid post scriptlet AVCs 903758 - S...

7.9CVSS9.1AI score0.0051EPSS
Exploits0
Rows per page
Query Builder