
20 matches found

OpenVAS
added 2023/09/08 12:00 a.m., 23 views

Ubuntu: Security Advisory (USN-6352-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 8.7, EPSS 0.48019
Exploits 3, References 2
Ubuntu
added 2023/09/07 1:36 a.m., 63 views

USN-6352-1: Apache Shiro vulnerabilities

It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. CVE-2020-13933, CVE-2020-17510...

CVSS 9.8, AI score 8, EPSS 0.48019
Exploits 3
OSV
added 2023/09/07 1:36 a.m., 4 views

USN-6352-1 shiro vulnerabilities

It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. CVE-2020-13933, CVE-2020-17510...

CVSS 9.8, AI score 7.3, EPSS 0.48019
Exploits 3, References 3
Tenable Nessus
added 2023/09/07 12:00 a.m., 34 views

Ubuntu 18.04 ESM / 20.04 LTS : Apache Shiro vulnerabilities (USN-6352-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6352-1 advisory. It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass...

CVSS 9.8, AI score 8.2, EPSS 0.48019
Exploits 3, References 3
Gitee
added 2023/02/16 12:17 a.m., 7 views

Exploit for CVE-2020-13933

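CVE-2020-13933 test bed. Shiro permission configuration: when a resource under /res/ is requested, a 302 redirects to the login page for authentication - NameController.java: · /res/name: requests the resource named name (triggers authentication) · /res/: requests no resource (does not trigger authentication) Test bed verification: when no resource name is specified in the request route, authentication is not triggered and no resource is returned: http://127.0.0.1:8080/res/ When a resource name is specified in the request route, a 302 redirects to the authentication page: http://127.0.0.1:8080/res/poc Construct a specific PoC...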

CVSS 7.5, AI score 9.4, EPSS 0.48019
Exploits 3
Circl
added 2023/01/24 10:52 p.m., 5 views

CVE-2020-13933

creationtimestamp | type | source
--- | --- | ---
2023-01-24 22:52:24+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/3707...

CVSS 7.5, AI score 7.7, EPSS 0.48019
Exploits 3, References 1
Tenable Nessus
added 2021/08/05 12:00 a.m., 39 views

Debian DLA-2726-1 : shiro - LTS security update

The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2726 advisory. It was discovered that there were two issues in shiro, a security framework for Java applications: CVE-2020-13933 Fix an authentication bypass resulting from a...

CVSS 9.8, AI score 8.1, EPSS 0.48019
Exploits 3, References 8
OpenVAS
added 2021/08/03 12:00 a.m., 29 views

Debian: Security Advisory (DLA-2726-1)

The remote host is missing an update for the Debian...

CVSS 9.8, AI score 9.5, EPSS 0.48019
Exploits 3, References 4
Debian
added 2021/08/02 10:10 p.m., 39 views

[SECURITY] [DLA 2726-1] shiro security update

Debian LTS Advisory DLA-2726-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez August 02, 2021 https://wiki.debian.org/LTS Package : shiro Version : 1.3.2-1+deb9u2 CVE ID : CVE-2020-13933 CVE-2020-17510 Debian Bug : 968753 It was discovered that there were two...

CVSS 9.8, AI score 7.2, EPSS 0.48019
Exploits 3
vulnersOsv
added 2021/05/07 3:54 p.m., 4 views

be.fluid-it.guice.extensions:guice-multi-shiro-realms (=0.1-1), be.fluid-it.shiro.jee:shiro-jee-authc (>=0.1-1 <=0.1-3) +2823 more potentially affected by CVE-2020-13933 via org.apache.shiro:shiro-core (>=1.0.0-incubating <=1.5.3)

org.apache.shiro:shiro-core MAVEN version =1.0.0-incubating, =0.1-1, =4.0.0-RC2, =1.0.0, =1.0.0, =0.0.2, =0.0.21, =0.0.2, =0.0.1, =1.0.0, =0.1, =0.1, =0.2 and more Source cves: CVE-2020-13933 Source advisory: OSV:GHSA-2VGM-WXR3-6W2J...

CVSS 7.5, AI score 7.1, EPSS 0.48019
Exploits 3
RedHat Linux
added 2021/02/02 2:23 p.m., 130 views

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R18 security and bug fix update

An update is now available for Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 9.3, AI score 7.4, EPSS 0.85001
Exploits 10, References 6
RedHat Linux
added 2020/12/16 12:11 p.m., 176 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update

A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

CVSS 9.8, AI score 8, EPSS 0.95586
Exploits 12, References 39
IBM Security Bulletins
added 2020/11/18 9:15 p.m., 32 views

Security Bulletin: Apache Shiro as used by Master Console is vulnerable to improper access control (CVE-2020-13933)

Summary Apache Shiro as used by Master Console is vulnerable to improper access control Vulnerability Details CVEID: CVE-2020-13933 DESCRIPTION: Apache Shiro could allow a remote attacker to bypass security restrictions, caused by improper authentication validation. By sending a specially-crafte...

CVSS 7.5, AI score 1.2, EPSS 0.48019
Exploits 3, Affected Software 1
GithubExploit
added 2020/09/09 10:20 a.m., 311 views

Exploit for CVE-2020-13933

CVE-2020-13933 – Test Bed shiro: Permission configuration...

CVSS 7.5, AI score 7.1, EPSS 0.48019
Exploits 3
NVD
added 2020/08/17 9:15 p.m., 16 views

CVE-2020-13933

Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass...

CVSS 7.5, AI score 7.7, EPSS 0.48019
Exploits 3, References 16
OSV
added 2020/08/17 9:15 p.m., 31 views

CVE-2020-13933

Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass...

CVSS 7.5, AI score 6.9
Exploits 0, References 16
UbuntuCve
added 2020/08/17 9:15 p.m., 38 views

CVE-2020-13933

Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass...

CVSS 7.5, AI score 7.1, EPSS 0.48019
Exploits 3, References 3
Cvelist
added 2020/08/17 8:19 p.m., 23 views

CVE-2020-13933

Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass...

AI score 8.6, EPSS 0.48019
Exploits 3, References 16
CVE
added 2020/08/17 8:19 p.m., 169 views

CVE-2020-13933

Apache Shiro vulnerabilities CVE-2020-13933 affects Shiro

CVSS 7.5, AI score 7.5, EPSS 0.48019
Exploits 3, References 16, Affected Software 1
Debian CVE
added 2020/08/17 8:19 p.m., 39 views

CVE-2020-13933

Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass...

CVSS 7.5, AI score 7.7, EPSS 0.48019
Exploits 3