Lucene search
K

4 matches found

EUVD
EUVD
added 2026/05/06 12:30 p.m.8 views

EUVD-2026-27651

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, from 9.0.0 through 9.22.0, from 10.0.0 through 10.8.0. Users are recommended to upgrade to version 10.9.0, which fixes the issue...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/06 8:34 a.m.8 views

CVE-2026-40010

Missing invocation of Servlet http web request method changeSessionId after session binding can be exploited for a session fixation attack in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, 9.0.0, from 10.0.0 through 10.8.0. Users are recommended to upgrade to version...

5.7AI score0.00379EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/06 8:34 a.m.29 views

CVE-2026-42509

The CVE-2026-42509 entry covers an XSS vulnerability in Apache Wicket due to Improper Neutralization of Input During Web Page Generation. Affected versions are Apache Wicket 8.0.0 through 8.17.0, 9.0.0, and 10.0.0 through 10.8.0. The issue’s fix is to upgrade to version 10.9.0, which resolves the...

6.1CVSS5.8AI score0.00357EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/01 12:0 a.m.8 views

PT-2022-20983 · Hitachi · Hitachi Ops Center Analyzer

Name of the Vulnerable Software and Affected Versions: Hitachi Ops Center Analyzer versions 10.8.1-00 through 10.9.0-00 Description: The issue allows local users to gain sensitive information due to the insertion of sensitive information into log files. This is related to the Virtual Strage...

6.6CVSS5.4AI score0.00169EPSS
Exploits0References4
Rows per page
Query Builder