289 matches found
CVE-2025-52477
CVE-2025-52477 affects Octo-STS, a GitHub App acting as a Security Token Service for the GitHub API. The vulnerability is an unauthenticated SSRF that can be triggered by abusing fields in OpenID Connect tokens, causing internal network requests and potential exposure of sensitive information in ...
octo-sts 代码问题漏洞
octo-sts is a Chainguard's GitHub security token service open-sourced by octo-sts. A code issue vulnerability exists in octo-sts versions prior to v0.5.3, which stems from an unauthenticated server-side request forgery vulnerability...
CVE-2025-6001
A Cross-Site Request Forgery CSRF vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection token. An attacker is able to craft a special CSRF request which will allow unrestricted file upload into the VirtueMart media manager...
CVE-2023-38372
An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication token can use it to impersonate an authorized platform user. IBM X-Force ID: 261201...
CVE-2021-20077
Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token...
CVE-2012-5607
The "Lost Password" reset functionality in ownCloud before 4.0.9 and 4.5.0 does not properly check the security token, which allows remote attackers to change an accounts password via unspecified vectors related to a "Remote Timing Attack."...
PT-2025-21476 · WordPress · Eventprime
Name of the Vulnerable Software and Affected Versions: EventPrime WordPress plugin versions prior to 3.5.0 Description: The issue concerns a lack of proper permission validation when updating bookings, allowing users to change or cancel bookings for other users. Additionally, the feature lacks a...
SUSE CVE-2025-32963
MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the spec.audiences field, the default will be of the Kubernetes apiserver. Without scoping, it can be replayed to other internal systems, which may unintentionally trust it...
IBMi Navigator 7.5 - Server Side Request Forgery (SSRF)
Author Title: John Page aka hyp3rlinx Author Website: hyp3rlinx.altervista.org Source: https://hyp3rlinx.altervista.org/advisories/IBMiNavigatorHTTPSecurityTokenBypass-CVE-2024-51464.txt Vendor: www.ibm.com Vendor www.ibm.com Product Navigator for i is a Web console interface where you can perfor...
IBMi Navigator 7.5 - HTTP Security Token Bypass
Author Title: John Page aka hyp3rlinx Author Website: hyp3rlinx.altervista.org Source: https://hyp3rlinx.altervista.org/advisories/IBMiNavigatorHTTPSecurityTokenBypass-CVE-2024-51464.txt Vendor: www.ibm.com Product Navigator for i is a Web console interface where you can perform the key tasks to...
CVE-2019-15002
An exploitable CSRF vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. The login form doesn’t require a CSRF token. As a result, an attacker can log a user into the system under an unexpected account...
Dolibarr 20.0.1 SQL Injection
Titles: dolibarr 20.0.1 Multiple security token SQLi Author: nu11secur1ty Date: 10/15/2024 Vendor: https://www.dolibarr.org/ Software: https://www.dolibarr.org/downloads.php Reference: https://portswigger.net/web-security/sql-injection Description: The socid parameter appears to be vulnerable to...
CGA-RW7G-MVHF-374H
Bulletin has no description...
The vulnerability of the AssumeRoleWithWebIdentity request of the Security Token Service (AWS STS) – a single API for interacting with object storage services and local files in Apache Arrow Rust Object Store – allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the AssumeRoleWithWebIdentity request of the Security Token Service AWS STS – a single API for interacting with object storage services and local files – is related to insufficient protection of registration data. Exploiting this vulnerability allows an attacker to bypass...
Silverstripe Missing CSRF protection in login form
LoginForm calls disableSecurityToken, which causes a "shared host domain" vulnerability: http://stackoverflow.com/a/15350123...
PT-2024-40480 · Packagist · Silverstripe/Framework
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue arises from the LoginForm calling the disableSecurityToken function, which leads to a "shared host domain" vulnerability. This vulnerability is related to the way security...
Cross-Site Scripting (XSS)
prestashop/prestashop is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to the customer thread feature allowing malicious file uploads through the front-office contact form. When an admin opens the attached file in back office, arbitrary JavaScript will be executed which can...
CVE-2024-34079
CVE-2024-34079 affects the octo-sts GitHub App (Security Token Service for the GitHub API). The issue enables excessive resource consumption, potentially causing denial of service when handling high traffic volumes. Public sources describe a DoS risk from unbounded resource usage or missing input...
Vulnerability fixed in Cisco Secure Client
Cisco has fixed a vulnerability in the Secure Client. A malicious party could exploit the vulnerability to use a malicious link to gain access to the SAML token of the victim and thus establish a VPN connection. Access to underlying systems and applications still require authentication. Cisco has...
CVE-2023-38372
An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication token can use it to impersonate an authorized platform user. IBM X-Force ID: 261201...