Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2026/03/25 12:26 a.m.5 views

SUSE CVE-2026-28789

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin's OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...

7.5CVSS5.8AI score0.00394EPSS
Exploits1References3
CVE
CVE
added 2026/03/05 7:33 p.m.13 views

CVE-2026-28789

OliveTin prior to 3000.10.3 is vulnerable to an unauthenticated denial-of-service in the OAuth2 login flow. Concurrent requests to /oauth/login can access a shared registeredStates map unsafely, causing a Go runtime panic (fatal error: concurrent map writes) and terminating the process when OAuth...

7.5CVSS5.9AI score0.00394EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/05 7:33 p.m.3 views

CVE-2026-28789

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...

7.5CVSS5.9AI score0.00394EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2020/12/04 12:0 a.m.3 views

XSS Vulnerability in PigX Rapid Development Framework

PigX Rapid Development Framework is based on Spring Security OAuth2 to achieve account password , SMS verification code login , social login , etc., to provide an open platform based on OAuth2 authorization code mode . PigX Rapid Development Framework has an XSS vulnerability. Attackers can use t...

6.5AI score
Exploits0
Rows per page
Query Builder