Lucene search
K

4 matches found

Nuclei
Nuclei
added yesterday38 views

SuperWebMailer 9.00.0.01710 - Cross-Site Scripting

An issue was discovered in SuperWebMailer 9.00.0.01710 allowing XSS via crafted incorrect passwords. id: CVE-2023-38192 info: name: SuperWebMailer 9.00.0.01710 - Cross-Site Scripting author: ritikchaddha severity: medium description: | An issue was discovered in SuperWebMailer 9.00.0.01710 allowi...

6.1CVSS6.4AI score0.01116EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.3 views

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.4.3 that stems from a failure to free an allocated buffer when the KMC server returns a...

6.3CVSS6.6AI score0.00497EPSS
Exploits1References3
Prion
Prion
added 2021/09/27 7:15 a.m.14 views

Design/Logic Flaw

DISPUTED The passport-oauth2 package before 1.6.1 for Node.js mishandles the error condition of failure to obtain an access token. This is exploitable in certain use cases where an OAuth identity provider uses an HTTP 200 status code for authentication-failure error reports, and an application...

5CVSS5.6AI score0.01261EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2021/05/24 4:57 p.m.58 views

Ory fosite contains Improper Handling of Exceptional Conditions

Impact The TokenRevocationHandler ignores errors coming from the storage. This can lead to unexpected 200 status codes indicating successful revocation while the token is still valid. Whether an attacker can use this for her advantage depends on the ability to trigger errors in the store...

8CVSS1.2AI score0.01588EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder