Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

Cvelist
Cvelistadded 2021/03/08 8:40 p.m.16 views

CVE-2021-21336 Exposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager

Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an information disclosure vulnerability - everyone can list the names of roles defined in the ZODB Role Manager plugin if the site uses this...

6.5CVSS6.8AI score0.00324EPSS
Exploits0References5
CVE
CVEadded 2021/03/08 8:40 p.m.72 views

CVE-2021-21336

CVE-2021-21336 affects the Plone/Zope component Products.PluggableAuthService. Before version 2.6.0, there is an information-disclosure vulnerability that allows listing the names of roles defined in the ZODB Role Manager plugin when the site uses this plugin. The issue has been fixed in version ...

6.5CVSS6.3AI score0.00324EPSS
Exploits0References5Affected Software1
CNNVD
CNNVDadded 2021/03/08 12:0 a.m.3 views

Products.PluggableAuthService 信息泄露漏洞

Jens Vagelpohl Products.PluggableAuthService is an open source application by Jens Vagelpohl. The product defines a fully pluggable user folder for use by all Zope sites. An information disclosure vulnerability exists in Products.PluggableAuthService that allows anyone to list the names of roles...

6.5CVSS6.4AI score0.00324EPSS
Exploits0References6
Rows per page
Query Builder