Lucene search
+L

20 matches found

Ubuntu
Ubuntu
added 2 days ago6 views

USN-8555-1: Ubuntu Advantage Tools (pro client) vulnerabilities

Bilal Teke discovered that Ubuntu Advantage Tools exposed the Pro bearer token in command-line arguments when validating APT credentials. A local attacker could possibly use this issue to obtain sensitive information and gain unauthorized access to Ubuntu Pro repositories. CVE-2026-9494 Frederick...

9CVSS6.3AI score0.00317EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-60465

Name of the Vulnerable Software and Affected Versions ubuntu-pro-client affected versions not specified Description An information disclosure issue exists where the client validates Ubuntu Pro APT credentials by executing the /usr/lib/apt/apt-helper using the download-file command. The secret...

5.5CVSS6.1AI score0.00103EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.15 views

PT-2026-52565

Name of the Vulnerable Software and Affected Versions OHIF affected versions not specified Description The DICOMWebProxy and DICOMJSON data sources, when used with default configurations, fetch an arbitrary URL parameter without proper validation. A global authentication service within the...

8.3CVSS6AI score0.00232EPSS
Exploits0References8
NVD
NVD
added 2026/06/19 7:16 p.m.10 views

CVE-2026-49336

@microsoft/kiota-http-fetchlibrary provides TypeScript libraries for Kiota-generated API clients. In versions 1.0.0-preview.97 through 1.0.0-preview.101, @microsoft/kiota-http-fetchlibrary's RedirectHandler is documented as stripping Authorization and Cookie from cross-origin redirect targets, bu...

6.9CVSS0.0065EPSS
Exploits0References2
OSV
OSV
added 2026/05/04 1:12 p.m.14 views

JLSEC-2026-428 When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross...

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

5.3CVSS5.8AI score0.00611EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.13 views

openSUSE 16 Security Update : tomcat (openSUSE-SU-2026:20611-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20611-1 advisory. - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. -...

9.1CVSS5.6AI score0.21691EPSS
Exploits8References31
OSV
OSV
added 2026/04/22 11:9 a.m.4 views

SUSE-SU-2026:21379-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: - Update to Tomcat 10.1.54 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...

9.1CVSS7.4AI score0.21691EPSS
Exploits8References21
Cvelist
Cvelist
added 2026/04/21 9:16 p.m.31 views

CVE-2026-40945 Oxia: Bearer token exposed in debug log messages on authentication failure

Oxia is a metadata store and coordination system. Prior to 0.16.2, when OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in application logs and any connected log aggregation system. This...

8.7CVSS0.00308EPSS
Exploits0References1
CVE
CVE
added 2026/04/21 9:16 p.m.18 views

CVE-2026-40945

Oxia (metadata store/coordination system) is affected prior to version 0.16.2. When OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext, potentially exposing JWT tokens in application logs and any connected log aggregation systems if DEBUG logging is enabled in ...

8.7CVSS5.8AI score0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/21 9:16 p.m.5 views

CVE-2026-40945 Oxia: Bearer token exposed in debug log messages on authentication failure

Oxia is a metadata store and coordination system. Prior to 0.16.2, when OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in application logs and any connected log aggregation system. This...

8.7CVSS5.8AI score0.00308EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/14 11:14 p.m.12 views

Oxia exposes bearer token in debug log messages on authentication failure

Summary When OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in application logs and any connected log aggregation system. Impact An attacker with access to application logs e.g., via a...

8.7CVSS5.9AI score0.00308EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/30 5:24 p.m.6 views

GHSA-VR79-8M62-WH98 FHIR Validator HTTP service has SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

Summary The FHIR Validator HTTP service exposes an unauthenticated /loadIG endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith URL prefix matching flaw in the credential provider ManagedWebAccessUtils.getServer, an attacker can steal authentication...

9.3CVSS5.9AI score0.00299EPSS
Exploits1References3
CVE
CVE
added 2026/03/26 8:40 p.m.13 views

CVE-2026-33620

CVE-2026-33620 concerns PinchTab, a standalone HTTP server that exposes a Chrome-control API. The affected range is PinchTab versions v0.7.8–v0.8.3, which accepted an API credential via a token URL query parameter in addition to the Authorization header. When a valid credential is passed in the U...

4.3CVSS5.8AI score0.00273EPSS
Exploits1References2Affected Software1
F5 Networks
F5 Networks
added 2026/03/10 9:48 p.m.14 views

K000160292: Curl vulnerability CVE-2025-14524

Security Advisory Description When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host. CVE-2025-14524 Impact The...

5.3CVSS5.8AI score0.00611EPSS
Exploits1
Cvelist
Cvelist
added 2025/12/17 6:42 a.m.36 views

CVE-2025-11924 Ninja Forms – The Contact Form Builder That Grows With You <= 3.13.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via Unscoped Bearer Token

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.13.2. This is due to the plugin not properly verifying that a user is authorized before the ninja-forms-views REST endpoints...

7.5CVSS0.0037EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/06 6:13 a.m.9 views

CVE-2025-11749

The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoint that exposes the 'Bearer Token' value when 'No-Auth URL' is enabled. This makes it possible for unauthenticated attackers to extract th...

9.8CVSS6.4AI score0.75063EPSS
Exploits5References1
CVE
CVE
added 2025/11/05 5:31 a.m.61 views

CVE-2025-11749

The WordPress AI Engine plugin (≤ 3.1.3) is vulnerable to unauthenticated sensitive information exposure via the REST API endpoints under /mcp/v1/ when No-Auth URL is enabled. This allows attackers to retrieve the Bearer Token, enabling session hijacking and actions such as creating an administra...

9.8CVSS6AI score0.75063EPSS
In wildExploits5References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-6437

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.0056EPSS
Exploits0References3
NVD
NVD
added 2025/07/04 9:15 a.m.7 views

CVE-2024-9453

A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the logs and potentially carries a high risk if those logs are centralized when collected. The token is typically valid for one year. This flaw allows a malicious user to jeopardize the environment if th...

6.5CVSS0.00344EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/12/19 12:0 a.m.3 views

PT-2022-24887 · Unknown · Ghinstallation

Name of the Vulnerable Software and Affected Versions: ghinstallation versions 1 through 1 ghinstallation version 2.0.0 is not affected as it contains the fix for the issue. Description: The issue concerns ghinstallation, which provides transport implementing http.RoundTripper for authentication ...

5CVSS4.9AI score0.00382EPSS
Exploits1References13
Rows per page
Query Builder