Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Spomky-Labs Security Vulnerabilities

cve
cve

CVE-2021-38299

Webauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user's system is able to login to a vulnerable service using an attached FIDO2 authenticator without passing a check of the user presence.

9.8CVSS

9.3AI Score

0.003EPSS

2021-09-27 06:15 AM
59
cve
cve

CVE-2024-39912

web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found. Whe...

5.3CVSS

5.5AI Score

0.0004EPSS

2024-07-15 08:15 PM
27