Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-13409

Malware in sbrugna...

9.8CVSS8.9AI score0.01908EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-11834

Malware in sbrugna...

6.5CVSS6.6AI score0.01352EPSS
Exploits0References3
Symantec
Symantec
added 2019/09/25 12:0 a.m.35 views

Pivotal Application Service CVE-2019-11275 Access Bypass Vulnerability

Description Pivotal Application Service is prone to a access-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. The following versions are vulnerable: Pivotal Application Service PAS 2.6 versions...

2.1AI score0.01068EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/08/19 3:15 p.m.27 views

CVE-2019-11276

Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. An adjacent...

5.4CVSS5.5AI score0.00336EPSS
Exploits0References1
CVE
CVE
added 2019/08/19 2:49 p.m.49 views

CVE-2019-11276

CVE-2019-11276 affects Pivotal Apps Manager (included in Pivotal Application Service versions 2.3.x before 2.3.16, 2.4.x before 2.4.12, 2.5.x before 2.5.8, and 2.6.x before 2.6.3). The vulnerability arises when the application makes a request to the /cloudapplication endpoint via Spring Actuator ...

5.4CVSS5.5AI score0.00336EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/03/13 12:0 a.m.2 views

Pivotal Software Pivotal Application Service Information Disclosure Vulnerability

Pivotal Software Pivotal Application Service PAS is a suite of application management software from the American company Pivotal Software. A security vulnerability exists in Pivotal Software PAS versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7, and 2.4.x prior to 2.4.3, which stems from a...

9.8CVSS6.8AI score0.01908EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/03/07 7:0 p.m.24 views

CVE-2019-3777 Apps Manager unverified SSL certs in Cloud Controller proxy

Pivotal Application Service PAS, versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain apps manager that uses a cloud controller proxy that fails to verify SSL certs. A remote unauthenticated attacker that could hijack the Cloud Controller's DNS record could...

8CVSS9.4AI score0.01908EPSS
Exploits0References2
CVE
CVE
added 2019/03/07 7:0 p.m.44 views

CVE-2019-3777

Pivotal Application Service (PAS) versions 2.2.x before 2.2.12, 2.3.x before 2.3.7, and 2.4.x before 2.4.3 contain an apps manager that uses a Cloud Controller proxy which fails to verify SSL certificates. A remote unauthenticated attacker could hijack the Cloud Controller’s DNS record to interce...

9.8CVSS8.8AI score0.01908EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/03/07 6:29 p.m.17 views

Code injection

Pivotal Application Service PAS, versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain apps manager that uses a cloud controller proxy that fails to verify SSL certs. A remote unauthenticated attacker that could hijack the Cloud Controller's DNS record could...

5CVSS9.3AI score0.01908EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/03/07 6:29 p.m.5 views

CVE-2019-3777

Pivotal Application Service PAS, versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain apps manager that uses a cloud controller proxy that fails to verify SSL certs. A remote unauthenticated attacker that could hijack the Cloud Controller's DNS record could...

9.8CVSS7.4AI score0.01908EPSS
Exploits0References2
NVD
NVD
added 2019/03/07 6:29 p.m.17 views

CVE-2019-3777

Pivotal Application Service PAS, versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain apps manager that uses a cloud controller proxy that fails to verify SSL certs. A remote unauthenticated attacker that could hijack the Cloud Controller's DNS record could...

9.8CVSS8.3AI score0.01908EPSS
Exploits0References2
CNVD
CNVD
added 2018/09/19 12:0 a.m.3 views

Pivotal Application Service Pivotal Usage Service Elevation of Privilege Vulnerability

Pivotal Application Service is a suite of application management software from Pivotal Software, Inc. and Pivotal Usage Service is one of the service components. An elevation of privilege vulnerability exists in Pivotal Usage Service in Pivotal Application Service versions 2.0.21 prior to 2.0,...

8.8CVSS8.9AI score0.00961EPSS
Exploits0References1
Prion
Prion
added 2018/09/17 4:29 p.m.12 views

Improper access control

Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin...

4CVSS8.8AI score0.00961EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/09/17 4:29 p.m.16 views

CVE-2018-11088

Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the C...

8.8CVSS8.9AI score0.00961EPSS
Exploits0References1
Prion
Prion
added 2018/09/17 4:29 p.m.9 views

Improper access control

Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the C...

4CVSS8.8AI score0.00961EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/09/17 4:29 p.m.16 views

CVE-2018-11086

Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin...

8.8CVSS8.9AI score0.00961EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/09/17 4:0 p.m.16 views

CVE-2018-11086

Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin...

8.9AI score0.00961EPSS
Exploits0References1
CVE
CVE
added 2018/09/17 4:0 p.m.47 views

CVE-2018-11088

Pivotal Applications Manager in Pivotal Application Service is affected by CVE-2018-11088. The vulnerability affects versions 2.0 before 2.0.21, 2.1 before 2.1.13, and 2.2 before 2.2.5, due to a bug that can be exploited by a space developer with access to the system org to access an artifact con...

8.8CVSS8.8AI score0.00961EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/07/24 7:29 p.m.27 views

CVE-2018-11044

Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x prior to 2.2.1 and 2.1.x prior to 2.1.8 and 2.0.x prior to 2.0.17 and 1.12.x prior to 1.12.26, does not escape all user-provided content when sending invitation emails. A malicious authenticated user can inject content...

6.5CVSS6.4AI score0.00733EPSS
Exploits0References1
CVE
CVE
added 2018/07/24 7:0 p.m.60 views

CVE-2018-11044

CVE-2018-11044 affects Pivotal Apps Manager included in Pivotal Application Service. The issue is that invitation emails do not escape all user-provided content in the invite, allowing a malicious authenticated user to inject content into an invite to another user. Affected versions are 2.2.x bef...

6.5CVSS6.3AI score0.00733EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder