Lucene search
K

6 matches found

redhatcve
redhatcve
added 2026/03/09 8:1 a.m.6 views

CVE-2026-30863

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.10 and 9.5.0-alpha.11, the Google, Apple, and Facebook authentication adapters use JWT verification to validate identity tokens. When the adapter's audience configuration...

9.8CVSS5.7AI score0.00525EPSS
Exploits0References1
snyk
snyk
added 2026/03/07 6:44 p.m.3 views

Improper Verification of Cryptographic Signature

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the authentication process when the audience configuration option is not...

9.8CVSS5.8AI score0.00525EPSS
Exploits0References2
exploitdb
exploitdb
added 2019/03/07 12:0 a.m.166 views

Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal RESTful Web Services unserialize RCE', 'Description' = %q This module exploits a PHP unserialize vulnerability in Drupal RESTful Web...

8.1CVSS7.4AI score0.91919EPSS
Exploits22
exploitdb
exploitdb
added 2019/02/23 12:0 a.m.1304 views

Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution

Analyzing the patch By diffing Drupal 8.6.9 and 8.6.10, we can see that in the REST module, FieldItemNormalizer now uses a new trait, SerializedColumnNormalizerTrait. This trait provides the checkForSerializedStrings method, which in short raises an exception if a string is provided for a value...

7.4AI score
Exploits0
nessus
nessus
added 2019/02/20 12:0 a.m.113 views

Drupal 8.5.x < 8.5.11 / 8.6.x < 8.6.10 Remote Code Execution (SA-CORE-2019-003)

According to its self-reported version, the instance of Drupal running on the remote web server is 8.5.x prior to 8.5.11, or 8.6.x prior to 8.6.10. It is, therefore, affected by a remote code execution vulnerability due to improper sanitization of data from non-form sources. %NASLMINLEVEL 70300 C...

8.1CVSS8.1AI score0.91919EPSS
Exploits22References4
symantec
symantec
added 1994/02/24 12:0 a.m.18 views

Sendmail IDENT Remote root Vulnerability

Description A vulnerability in the IDENT function of sendmail 8.6.9 allows attackers to obtain remote root access. Very little other information on this vulnerability is currently available; this is an old vulnerability. Technologies Affected Eric Allman Sendmail 8.6.9 Upgrade to at least version...

3.5AI score
Exploits0References1Affected Software1
Rows per page
Query Builder