Lucene search
K

23 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/23 5:32 a.m.5 views

CVE-2026-2974

A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file sharedprefs/aliasvault.xml of the component Backup Handler. The manipulation of the argument accessToken/refreshToken/metadata/keyderivationparams/authmethods leads to...

2.5CVSS4.1AI score0.00099EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/02/09 8:37 p.m.5 views

org.keycloak.services.resources.organizations: Keycloak: Unauthorized organization registration via improper invitation token validation

A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token JWT payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an...

8.1CVSS5.8AI score0.00453EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2026/02/09 8:36 p.m.3 views

org.keycloak.services.resources.organizations: Keycloak: Unauthorized organization registration via improper invitation token validation

A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token JWT payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an...

8.1CVSS5.8AI score0.00453EPSS
Exploits2References4
CVE
CVE
added 2026/02/09 6:36 p.m.475 views

CVE-2026-1529

CVE-2026-1529 affects Keycloak. An attacker can craft/modify a legitimate invitation token’s JWT payload to change the organization ID and target email, exploiting a lack of cryptographic signature verification to self-register into an unauthorized organization and gain access. The vulnerability ...

8.1CVSS5.5AI score0.00453EPSS
Exploits2References7
NVD
NVD
added 2026/02/03 8:15 p.m.4 views

CVE-2025-62601

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow,...

7.5CVSS0.00527EPSS
Exploits0References4
OSV
OSV
added 2026/02/03 8:15 p.m.7 views

UBUNTU-CVE-2025-62601

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow,...

7.5CVSS6.1AI score0.00527EPSS
Exploits0References3
OSV
OSV
added 2026/02/03 7:29 p.m.7 views

CVE-2025-64098 FastDDS has Out-of-memory in readOctetVector via Manipulated DATA Submessage when DDS Security is enabled

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory OOM...

6.3CVSS5.5AI score0.00434EPSS
Exploits0References7
EUVD
EUVD
added 2026/02/03 7:20 p.m.4 views

EUVD-2025-206657

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow,...

6.3CVSS5.7AI score0.00489EPSS
Exploits0References4
CVE
CVE
added 2026/02/03 7:20 p.m.16 views

CVE-2025-62602

Fast DDS has a heap buffer overflow in the DATA Submessage when DDS Security is enabled, caused by tampering with PID_IDENTITY_TOKEN or PID_PERMISSIONS_TOKEN (readOctetVector) that can overflow length calculation and trigger large allocations leading to OOM and remote denial of service. Affected ...

7.5CVSS5.7AI score0.00489EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/03 7:11 p.m.3 views

CVE-2025-62600

eprosima Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an...

8.6CVSS6AI score0.00412EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/02/03 7:11 p.m.7 views

CVE-2025-62600 FastDDS has Out-of-Memory in readPropertySeq via Manipulated DATA Submessage when DDS Security is enabled

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory OOM...

6.3CVSS5.5AI score0.00412EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/09/21 12:0 a.m.2 views

Webkul QloApps 安全漏洞

Webkul QloApps is a hotel reservation management software from Webkul. A security vulnerability exists in Webkul QloApps version 1.7.0 and earlier, which stems from the incorrect manipulation of the parameter token in the CSRF Token Handler component, which could lead to authorization bypass...

6.9CVSS5.3AI score0.0032EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/22 9:32 p.m.10 views

CVE-2021-21474

SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidatin...

6.5CVSS6.6AI score0.00701EPSS
Exploits0References1
OSV
OSV
added 2024/09/19 6:7 p.m.4 views

CLSA-2024-1726769233 krb5: Fix of 2 CVEs

CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap token to avoid appearing truncated to application - CVE-2024-37371: fix invalid memory reads during GSS message token handling...

9.1CVSS7AI score0.01863EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.4 views

AMD EPYC Buffer Error Vulnerability

AMD EPYC is a line of x86 architecture server microprocessors from AMD, known in Chinese as Xiaolong, which utilizes the Zen microarchitecture. The AMD EPYC suffers from a security vulnerability that originates from the inability to validate the value in the APCB, a privileged attacker may be abl...

4.9CVSS6.6AI score0.00434EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.7 views

PT-2023-12086 · Suse · Suse

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to the failure to validate the value in APCB, which may allow a privileged attacker to tamper with the APCB token. This tampering...

9.8CVSS6.5AI score0.74041EPSS
Exploits11References73
OSV
OSV
added 2023/10/02 3:15 p.m.4 views

CVE-2023-4659

Cross-Site Request Forgery vulnerability, whose exploitation could allow an attacker to perform different actions on the platform as an administrator, simply by changing the token value to "admin". It is also possible to perform POST, GET and DELETE requests without any token value. Therefore, an...

9.8CVSS5.8AI score0.0033EPSS
Exploits0References1
OSV
OSV
added 2022/06/07 9:15 p.m.3 views

CVE-2021-35530

A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's TXpert Hub CoreTec 4, that depends on a token validation of the session identifier, allows an unauthorized modified message to be executed in the server enabling an unauthorized actor to change an...

6.7CVSS6.6AI score0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/09/01 12:0 a.m.8 views

PT-2020-7931

Name of the Vulnerable Software and Affected Versions: jws versions prior to 3.0.0 Description: The issue allows a malicious actor to modify the contents of a JWT while still passing verification, potentially leading to a complete authentication bypass. This can be achieved by exploiting the...

8.7CVSS5.2AI score0.01798EPSS
Exploits0References8
CNVD
CNVD
added 2019/11/27 12:0 a.m.2 views

CSRF Magic has an unspecified vulnerability

CSRF Magic is a CSRF Cross Site Request Forgery protection library for PHP applications. A security vulnerability in the 'csrfcallback' function in CSRF Magic 2016-03-27 and prior versions stems from a program that allows an attacker to tamper with csrf token values. A remote attacker can exploit...

8.8CVSS7AI score0.00616EPSS
Exploits1References1
Rows per page
Query Builder