CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

br.com.nitertech:jwt (>=1.1.4.2 <=1.1.5), cn.herodotus.engine:oauth2-sdk-authentication (>=3.0.6.4 <=3.1.1.3) +314 more potentially affected by CVE-2023-34035 via org.springframework.security:spring-security-config (>=6.1.0 <=6.1.1)

org.springframework.security:spring-security-config MAVEN version =6.1.0, =1.1.4.2, =3.0.6.4, =3.0.6.4, =3.0.6.4, =3.0.6.4, =4.0.1, =4.0.1, =0.1.0, =6.1.11, =6.1.11, =7.0.0, =7.0.0, =6.1.11, =6.1.11, =6.2.0 and more Source cves: CVE-2023-34035 Source advisory: OSV:GHSA-4VPR-XFRP-CJ64...

7.3CVSS6.7AI score0.02632EPSS

Exploits1

Github Security Blog•added 2022/05/24 10:28 p.m.•10 views

Broken Authentication in Atlassian Connect Express

Broken Authentication in Atlassian Connect Express ACE from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Express app occurs with a server-to-server JWT or...

7.7CVSS6.7AI score0.00343EPSS

Exploits0References5Affected Software1

vulnersOsv•added 2022/05/24 10:28 p.m.•3 views

@nexus-switchboard/nexus-conn-jira (>=0.1.0 <=0.2.2), @nexus-switchboard/nexus-mod-service (>=0.4.1 <=0.6.3) +1 more potentially affected by CVE-2021-26073 via atlassian-connect-express (>=3.5.2 <=4.4.1)

atlassian-connect-express NPM version =3.5.2, =0.1.0, =0.4.1, =0.0.1, =2.0.5 Source cves: CVE-2021-26073 Source advisory: OSV:GHSA-4V96-M8XV-X83V...

7.7CVSS7.1AI score0.00343EPSS

Exploits0

vulnersOsv•added 2022/04/22 12:0 a.m.•0 views

com.atlassian.connect:atlassian-connect-spring-boot-api (>=2.0.2 <=2.0.7), com.atlassian.connect:atlassian-connect-spring-boot-core (>=2.0.2 <=2.0.7) +34 more potentially affected by CVE-2022-22969 via org.springframework.security.oauth:spring-security-oauth2 (>=2.4.0.RELEASE <=2.4.1.RELEASE)

org.springframework.security.oauth:spring-security-oauth2 MAVEN version =2.4.0.RELEASE, =2.0.2, =2.0.2, =2.0.2, =2.0.2, =0.0.5, =0.0.5, =0.0.5, =5.0.0, =5.0.0, =4.59.5, =1.0.10.RELEASE, =1.0.10.RELEASE, =1.0.10.RELEASE, =1.73.8, =1.106.2 and more Source cves: CVE-2022-22969 Source advisory:...

6.5CVSS6.5AI score0.00587EPSS

Exploits0

OSV•added 2021/06/16 5:23 p.m.•17 views

GHSA-2X7V-W2MV-F3RX Improper Authentication in Atlassian Connect Spring Boot

Broken Authentication in Atlassian Connect Spring Boot ACSB in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Sprin...

8.8CVSS8.6AI score0.00388EPSS

Exploits1References3

Github Security Blog•added 2021/06/16 5:23 p.m.•48 views

Improper Authentication in Atlassian Connect Spring Boot

9.1CVSS4.6AI score0.00388EPSS

Exploits1References4Affected Software1

Tenable Nessus•added 2021/06/03 12:0 a.m.•28 views

FreeBSD : Gitlab -- Multiple Vulnerabilities (5f52d646-c31f-11eb-8dcf-001b217b3468)

Gitlab reports : Stealing GitLab OAuth access tokens using XSLeaks in Safari Denial of service through recursive triggered pipelines Unauthenticated CI lint API may lead to information disclosure and SSRF Server-side DoS through rendering crafted Markdown documents Issue and merge request length...

7.7CVSS6.8AI score0.00171EPSS

Exploits0References3

FreeBSD•added 2021/06/01 12:0 a.m.•44 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Stealing GitLab OAuth access tokens using XSLeaks in Safari Denial of service through recursive triggered pipelines Unauthenticated CI lint API may lead to information disclosure and SSRF Server-side DoS through rendering crafted Markdown documents Issue and merge request length...

7.7CVSS1.4AI score0.00171EPSS

Exploits0References1

CNVD•added 2021/05/11 12:0 a.m.•7 views

Atlassian Connect Spring Boot Authorization Issues Vulnerability

Atlassian Connect Spring Boot is an application component from Atlassian Australia. A Spring Boot starter program is provided for building Atlassian Connect add-ons for JIRA Software, Service Desk and Core and Confluence. An authorization issue vulnerability exists in Atlassian Connect Spring Boo...

9.1CVSS6.5AI score0.00388EPSS

Exploits1References1

vulnersOsv•added 2021/05/10 3:19 p.m.•4 views

com.quamto.jira:plugins-base (>=1.1.1-rc <=1.6.1) potentially affected by CVE-2021-26074 via com.atlassian.connect:atlassian-connect-spring-boot-starter (>=1.2.1 <=1.5.0)

com.atlassian.connect:atlassian-connect-spring-boot-starter MAVEN version =1.2.1, =1.1.1-rc, =1.6.1 Source cves: CVE-2021-26074 Source advisory: OSV:GHSA-CPCR-74Q9-74GP...

6.5CVSS6.5AI score0.00258EPSS

Exploits0

NVD•added 2021/05/10 12:15 a.m.•9 views

CVE-2021-26077

9.1CVSS0.00388EPSS

Exploits1References2

OSV•added 2021/05/10 12:15 a.m.•3 views

CVE-2021-26077

8.8CVSS7.3AI score

Exploits0References2

Prion•added 2021/05/10 12:15 a.m.•13 views

Authentication flaw

6.5CVSS8.6AI score0.00388EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2021/05/09 11:55 p.m.•4 views

CVE-2021-26077

8.7AI score0.00388EPSS

Exploits1References2

Cvelist•added 2021/05/09 11:55 p.m.•11 views

CVE-2021-26077

8.9AI score0.00388EPSS

Exploits1References2

Positive Technologies•added 2021/05/09 12:0 a.m.•2 views

PT-2021-16944 · Atlassian · Connect Spring Boot

Name of the Vulnerable Software and Affected Versions: Atlassian Connect Spring Boot versions 1.1.0 through 2.1.3 Atlassian Connect Spring Boot versions 2.1.4 through 2.1.5 Description: The issue concerns Atlassian Connect Spring Boot, a Java Spring Boot package for building Atlassian Connect app...

9.1CVSS7.1AI score0.00388EPSS

Exploits1References5

CNNVD•added 2021/05/09 12:0 a.m.•2 views

Atlassian Connect Spring Boot 授权问题漏洞

9.1CVSS5.6AI score0.00388EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by