Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2024/07/08 11:26 a.m.4 views

ca: token authentication bypass vulnerability

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege...

7.5CVSS5.8AI score0.00659EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2021/03/15 1:37 p.m.4 views

pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page

A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser...

4.7CVSS6.4AI score0.00661EPSS
Exploits0References4
OSV
OSV
added 2020/03/20 3:15 p.m.1 views

DEBIAN-CVE-2019-10179

A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority KRA Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting XSS vulnerability. An attacker could trick an authenticated victim into executing special...

6.1CVSS5.6AI score0.00919EPSS
Exploits0References1
CNVD
CNVD
added 2018/01/22 12:0 a.m.4 views

Unspecified Vulnerability in Oracle Financial Services Analytical Applications Infrastructure Component

Oracle Financial Services Applications is Oracle's suite of financial services software for core banking, online banking, and property management.Oracle Financial Services Analytical Applications Oracle Financial Services Analytical Applications Infrastructure is one of the financial services...

7.4CVSS6.6AI score0.01055EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2018/01/18 2:0 a.m.3 views

CVE-2018-2660

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 7.3.5.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network...

5.5AI score0.01055EPSS
Exploits3References3
Rows per page
Query Builder