CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1266 matches found

vulnersOsv•added 2021/05/21 7:20 p.m.•1 views

com.scoperetail.fusion:fusion-connect (>=0.57 <=0.79), com.scoperetail.fusion:fusion-connect-core (>=0.21 <=0.58) +11 more potentially affected by CVE-2020-11972 via org.apache.camel:camel-rabbitmq (>=3.0.0 <=3.22.4)

org.apache.camel:camel-rabbitmq MAVEN version =3.0.0, =0.57, =0.21, =0.5, =0.1.0, =1.0.0, =0.10.1, =0.10.1, =2.0.0, =1.0.0-M6, =1.0.0-M6, =3.0.0, =3.22.4 - org.springframework.cloud:spring-cloud-contract-sample-camel =4.1.6 Source cves: CVE-2020-11972 Source advisory: OSV:GHSA-2X6R-7427-95CM...

9.8CVSS7.2AI score0.0692EPSS

Exploits0

vulnersOsv•added 2021/05/13 10:30 p.m.•4 views

net.simpledynamics:openid-connect-server-spring-boot-config (>=0.1.0 <=0.1.3), net.simpledynamics:openid-connect-server-spring-boot-samples-default (>=0.1.0 <=0.1.1) +7 more potentially affected by CVE-2021-26715 via org.mitre:openid-connect-server (>=1.1.0 <=1.3.3)

org.mitre:openid-connect-server MAVEN version =1.1.0, =0.1.0, =0.1.0, =0.1.0, =0.11, =1.1.0, =1.2.0, =1.2.0, =1.3.3 Source cves: CVE-2021-26715 Source advisory: OSV:GHSA-792R-MH2Q-P8QP...

9.1CVSS7.2AI score0.00552EPSS

Exploits1

CNVD•added 2021/05/11 12:0 a.m.•7 views

Atlassian Connect Spring Boot Authorization Issues Vulnerability

Atlassian Connect Spring Boot is an application component from Atlassian Australia. A Spring Boot starter program is provided for building Atlassian Connect add-ons for JIRA Software, Service Desk and Core and Confluence. An authorization issue vulnerability exists in Atlassian Connect Spring Boo...

9.1CVSS6.5AI score0.00388EPSS

Exploits1References1

vulnersOsv•added 2021/05/10 3:19 p.m.•4 views

com.quamto.jira:plugins-base (>=1.1.1-rc <=1.6.1) potentially affected by CVE-2021-26074 via com.atlassian.connect:atlassian-connect-spring-boot-starter (>=1.2.1 <=1.5.0)

com.atlassian.connect:atlassian-connect-spring-boot-starter MAVEN version =1.2.1, =1.1.1-rc, =1.6.1 Source cves: CVE-2021-26074 Source advisory: OSV:GHSA-CPCR-74Q9-74GP...

6.5CVSS6.5AI score0.00258EPSS

Exploits0

Github Security Blog•added 2021/05/10 3:19 p.m.•45 views

Broken Authentication in Atlassian Connect Spring Boot

Broken Authentication in Atlassian Connect Spring Boot ACSB from version 1.1.0 before version 2.1.3. Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a...

6.5CVSS4.6AI score0.00258EPSS

Exploits0References4Affected Software1

OSV•added 2021/05/10 3:19 p.m.•19 views

GHSA-CPCR-74Q9-74GP Broken Authentication in Atlassian Connect Spring Boot

6.5CVSS6.4AI score0.00258EPSS

Exploits0References3

NVD•added 2021/05/10 12:15 a.m.•9 views

CVE-2021-26077

Broken Authentication in Atlassian Connect Spring Boot ACSB in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Sprin...

9.1CVSS0.00388EPSS

Exploits1References2

OSV•added 2021/05/10 12:15 a.m.•4 views

CVE-2021-26077

8.8CVSS7.3AI score

Exploits0References2

Prion•added 2021/05/10 12:15 a.m.•13 views

Authentication flaw

6.5CVSS8.6AI score0.00388EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2021/05/09 11:55 p.m.•4 views

CVE-2021-26077

8.7AI score0.00388EPSS

Exploits1References2

Cvelist•added 2021/05/09 11:55 p.m.•11 views

CVE-2021-26077

8.9AI score0.00388EPSS

Exploits1References2

CVE•added 2021/05/09 11:55 p.m.•88 views

CVE-2021-26077

Atlassian Connect Spring Boot (ACSB) has a Broken Authentication issue in affected versions: 1.1.0 to 2.1.3 and 2.1.4 to 2.1.5. The root cause is acceptance of context JWTs in lifecycle endpoints (e.g., installation) where server-to-server JWTs are required, enabling authenticated re-installation...

9.1CVSS8.6AI score0.00388EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2021/05/09 12:0 a.m.•2 views

PT-2021-16944 · Atlassian · Connect Spring Boot

Name of the Vulnerable Software and Affected Versions: Atlassian Connect Spring Boot versions 1.1.0 through 2.1.3 Atlassian Connect Spring Boot versions 2.1.4 through 2.1.5 Description: The issue concerns Atlassian Connect Spring Boot, a Java Spring Boot package for building Atlassian Connect app...

9.1CVSS7.1AI score0.00388EPSS

Exploits1References5

CNNVD•added 2021/05/09 12:0 a.m.•2 views

Atlassian Connect Spring Boot 授权问题漏洞

9.1CVSS5.6AI score0.00388EPSS

Exploits1References3

vulnersOsv•added 2021/04/30 4:14 p.m.•3 views

cn.felord:payment-spring-boot-starter (>=1.0.0.RELEASE <=1.0.10.RELEASE), cn.hermesdi:api-crypto-spring-boot-starter (>=1.0.0 <=1.0.0.RELEASE) +150 more potentially affected by CVE-2020-28052 via org.bouncycastle:bcprov-jdk15to18 (>=1.65 <=1.66)

org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.65, =1.0.0.RELEASE, =1.0.0, =1.5.1, =2.0.0, =0.7.7, =0.7.7, =0.7.7, =0.7.7, =0.0.1, =0.0.1, =1.0.0, =5.23.1, =5.24.6 and more Source cves: CVE-2020-28052 Source advisory: OSV:GHSA-73XV-W5GP-FRXH...

8.1CVSS6.8AI score0.04099EPSS

Exploits1

RedHat Linux•added 2021/04/27 8:47 a.m.•80 views

Moderate: Red Hat Security Advisory: Red Hat Fuse 7.8.1 patch release and security update

A micro version update from 7.8.0 to 7.8.1 is now available for Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot 2. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impac...

8.1CVSS6.7AI score0.04099EPSS

Exploits1References5

vulnersOsv•added 2021/04/26 4:4 p.m.•4 views

org.smartboot.flow:smart-flow-admin (>=1.0.8 <=1.1.4), org.smartboot.servlet:smart-servlet-maven-plugin (>=0.1.9 <=0.6) +1 more potentially affected by CVE-2021-29425 via org.smartboot.servlet:servlet-core (>=0.1.9 <=0.6)

org.smartboot.servlet:servlet-core MAVEN version =0.1.9, =1.0.8, =0.1.9, =0.1.9, =0.6 Source cves: CVE-2021-29425 Source advisory: OSV:GHSA-GWRP-PVRQ-JMWV...

5.8CVSS6.7AI score0.00606EPSS

Exploits1

NVD•added 2021/04/16 3:15 a.m.•11 views

CVE-2021-26074

Broken Authentication in Atlassian Connect Spring Boot ACSB from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a...

6.5CVSS0.00258EPSS

Exploits0References2

Prion•added 2021/04/16 3:15 a.m.•19 views

Authentication flaw

4CVSS6.4AI score0.00258EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/04/16 3:0 a.m.•13 views

CVE-2021-26074

6.6AI score0.00258EPSS

Exploits0References2

Rows per page