Lucene search
K

7 matches found

OSV
OSV
added 2025/01/23 5:38 p.m.5 views

CVE-2025-24034 Himmelblau leaks credentials in the debug log

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to leaking credentials in debug logs. When debug logging is enabled, user access tokens are inadvertently logged, potentially...

3.2CVSS6.9AI score0.00195EPSS
Exploits0References8
CVE
CVE
added 2025/01/23 5:38 p.m.59 views

CVE-2025-24034

CVE-2025-24034 (Himmelblau) affects Himmelblau, an interoperability suite for Microsoft Azure Entra ID and Intune. In versions 0.7.0 and older than 0.7.15 and older than 0.8.3, debug logging can leak credentials: user access tokens and Kerberos TGTs may be written to logs when debug is enabled. A...

3.2CVSS3.9AI score0.00195EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/06/18 12:0 a.m.7 views

JetBrains YouTrack 安全漏洞

JetBrains YouTrack is a project management tool that supports cloud hosting and local deployment, and is primarily geared towards team collaboration management, especially suitable for software development, human resources, marketing, and other scenarios. JetBrains YouTrack suffers from a securit...

7.5CVSS6.5AI score0.00443EPSS
Exploits0References2
NVD
NVD
added 2024/03/07 9:15 a.m.22 views

CVE-2023-42662

JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are vulnerable to an issue whereby user interaction with specially crafted URLs could lead to exposure of user access tokens due to improper handling of the CLI / IDE browser based SSO integration...

9.3CVSS9.2AI score0.00475EPSS
Exploits0References1
CVE
CVE
added 2024/03/07 8:29 a.m.65 views

CVE-2023-42662

CVE-2023-42662 (JFrog Artifactory) affects Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, and 7.71.8. The issue arises from improper handling of the CLI/IDE browser-based SSO integration, allowing user interaction with specially crafted URLs to expose user access tokens...

9.3CVSS9.2AI score0.00475EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/02 5:0 a.m.4 views

CVE-2024-21485

Versions of the package dash-core-components before 2.13.0; versions of the package dash-core-components before 2.0.0; versions of the package dash before 2.15.0; versions of the package dash-html-components before 2.0.0; versions of the package dash-html-components before 2.0.16 are vulnerable t...

6.5CVSS5.6AI score0.01475EPSS
Exploits1References9
CNVD
CNVD
added 2020/06/22 12:0 a.m.6 views

Unspecified Vulnerability in Mattermost Server (CNVD-2020-41497)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A security vulnerability exists in Mattermost Server that stems from the program not properly handling the permissions created by user access tokens. An attacker can exploit this vulnerability to...

5.3CVSS6.8AI score0.00769EPSS
Exploits0References1
Rows per page
Query Builder