Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:32 p.m.9 views

CVE-2022-25510

FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges...

8.8CVSS7.2AI score0.01035EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2023/09/08 6:15 a.m.444 views

Exploit for Insecure Default Initialization of Resource in Apache Superset

CVE-2023-27524: Apache Superset Auth Bypass and RCE Apache Su...

9.8CVSS9.8AI score0.97405EPSS
Exploits20
Github Security Blog
Github Security Blog
added 2022/03/12 12:0 a.m.70 views

Hard coded credentials in FreeTAKServer

FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges...

8.8CVSS5.5AI score0.01035EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/12 12:0 a.m.57 views

Hard coded credentials in FreeTAKServer

FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges...

8.8CVSS5.5AI score0.01035EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/03/11 12:15 a.m.17 views

Hardcoded credentials

FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges...

6.5CVSS8.9AI score0.01035EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2022/03/11 12:15 a.m.6 views

PYSEC-2022-43135

FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges...

8.8CVSS7.3AI score0.01035EPSS
Exploits1References2Affected Software1
Hacker One
Hacker One
added 2021/11/01 7:23 a.m.7 views

Kubernetes: elections.k8s.io uses weak session secret key, may place elections at risk

The elections.k8s.io application used a weak Flask SECRETKEY, the string "N/A", to sign authentication cookies. This allowed the complete compromise of the application, as the session could be manipulated...

7AI score
Exploits0
Rows per page
Query Builder