CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-11473

Malware in sbrugna...

6.1CVSS6.3AI score0.00322EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-30217

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00058EPSS

Exploits0References2

RedhatCVE•added 2025/09/21 12:11 a.m.•3 views

CVE-2025-59714

In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...

6.5CVSS6.9AI score0.00058EPSS

Exploits0References1

vulnersOsv•added 2025/09/19 3:41 a.m.•5 views

edu.internet2.middleware.grouper:grouper-scim (>=5.1.0 <=5.20.2), edu.internet2.middleware.grouper:grouper-ui (>=5.1.0 <=5.20.2) +3 more potentially affected by CVE-2025-59714 via edu.internet2.middleware.grouper:grouper (>=5.17.1 <=5.20.2)

edu.internet2.middleware.grouper:grouper MAVEN version =5.17.1, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.18.3 Source cves: CVE-2025-59714 Source advisory: SNYK:JAVA-EDUINTERNET2MIDDLEWAREGROUPER-13003670...

6.5CVSS5.8AI score0.00058EPSS

Exploits0

Snyk•added 2025/09/19 3:41 a.m.•3 views

Incorrect Authorization

Overview edu.internet2.middleware.grouper:grouper is an Internet2 Groups Management Toolkit Affected versions of this package are vulnerable to Incorrect Authorization via improper job scheduling in the loader jobs configuration process. A group administrator who is not a member of the Grouper...

8.4CVSS7AI score0.00058EPSS

Exploits0References2

OSV•added 2025/09/19 3:15 a.m.•0 views

CVE-2025-59714

In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...

4.9CVSS5.8AI score

Exploits0References1

NVD•added 2025/09/19 3:15 a.m.•1 views

CVE-2025-59714

In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...

6.5CVSS0.00058EPSS

Exploits0References1

Cvelist•added 2025/09/19 12:0 a.m.•20 views

CVE-2025-59714

In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...

6.5CVSS0.00058EPSS

Exploits0References1

CNNVD•added 2025/09/19 12:0 a.m.•2 views

Grouper 安全漏洞

Grouper is an Internet2 open source enterprise access management system designed for highly distributed administrative environments and heterogeneous information technology environments common to colleges and universities. A security vulnerability exists in Grouper versions 5.17.1 through prior t...

6.5CVSS6.3AI score0.00058EPSS

Exploits0References2

CVE•added 2025/09/19 12:0 a.m.•11 views

CVE-2025-59714

The CVE-2025-59714 entry concerns Internet2 Grouper. Affected: Grouper versions 5.17.1 up to 5.20.4 (before 5.20.5). Issue: group admins who are not Grouper sysadmins can configure loader jobs, enabling potential unauthorized loader job creation. Root cause: mis-validation/configuration of loader...

6.5CVSS6.5AI score0.00058EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/09/19 12:0 a.m.•2 views

CVE-2025-59714

In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...

6.5CVSS6.5AI score0.00058EPSS

Exploits0References1

Positive Technologies•added 2025/09/19 12:0 a.m.•2 views

PT-2025-38504

Name of the Vulnerable Software and Affected Versions Internet2 Grouper versions 5.17.1 through 5.20.4 Description Group administrators who are not also Grouper system administrators can configure loader jobs. Recommendations Update to a version prior to 5.17.1 or after 5.20.5...

6.5CVSS6.6AI score0.00058EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 8:9 a.m.•7 views

CVE-2024-39848

Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects "Grouper for Web Service...

9.1CVSS7.4AI score0.00067EPSS

Exploits0References1

HackRead•added 2025/01/01 10:42 a.m.•9 views

FortiGuard Labs Links New EC2 Grouper Hackers to AWS Credential Exploits

Researchers at FortiGuard Labs have identified a prolific attacker group known as "EC2 Grouper" who frequently exploits compromised credentials using AWS tools...

7.3AI score

Exploits0

NVD•added 2024/06/29 10:15 p.m.•17 views

CVE-2024-39848

9.1CVSS0.00067EPSS

Exploits0References1

Positive Technologies•added 2024/06/29 12:0 a.m.•3 views

PT-2024-28699 · Internet2 · Grouper For Web Services +1

Name of the Vulnerable Software and Affected Versions: Internet2 Grouper versions prior to 5.6 Grouper for Web Services versions prior to 4.13.1 Description: The issue allows authentication bypass when LDAP authentication is used in certain ways. This is related to the...

9.1CVSS7.7AI score0.00067EPSS

Exploits0References3

CVE•added 2024/06/29 12:0 a.m.•64 views

CVE-2024-39848

CVE-2024-39848 affects Internet2 Grouper prior to 5.6 and Grouper for Web Services prior to 4.13.1. The issue is an authentication bypass when LDAP authentication is used in certain ways, linked to WsGrouperLdapAuthentication and the use of a hard-coded UyY29r password for the M3vwHr account. Imp...

9.1CVSS7AI score0.00067EPSS

Exploits0References1

Vulnrichment•added 2024/06/29 12:0 a.m.•12 views

CVE-2024-39848

7.6AI score0.00067EPSS

Exploits0References1

Cvelist•added 2024/06/29 12:0 a.m.•16 views

CVE-2024-39848

0.00067EPSS

Exploits0References1

CNNVD•added 2024/06/29 12:0 a.m.•2 views

Internet2 Grouper Security Vulnerability

Grouper is an Internet2 open source enterprise access management system designed for highly distributed management environments and heterogeneous information technology environments common to colleges and universities. A security vulnerability exists in Internet2 Grouper versions prior to 5.6 tha...

9.1CVSS6.7AI score0.00067EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by