Lucene search
+L

4 matches found

OSV
OSV
added 2026/06/23 2:37 p.m.6 views

BIT-APISIX-2026-49871 Apache APISIX: cas-auth login CSRF / session injection issue

Cross-Site Request Forgery CSRF vulnerability in the cas-auth plugin under default configurations. This defect allows a remote attacker that manages to send a victim to a webpage controlled by them can cause the victim's browser to become authenticated as a different identity. Actions the victim...

9.3CVSS5.9AI score0.00261EPSS
Exploits0References3
Veracode
Veracode
added 2025/12/23 12:39 p.m.12 views

Cross-site Request Forgery (CSRF)

Jenkins is vulnerable to Cross-site Request Forgery CSRF. The vulnerability is due to missing or insufficient CSRF protection on login-related functionality, which allows an attacker to trick a victim into unknowingly authenticating into the attacker’s account...

3.5CVSS6.9AI score0.0016EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/02/20 3:42 a.m.51 views

CVE-2024-43196

Summary (CVE-2024-43196) : IBM OpenPages with Watson 8.3 and 9.0 contains a vulnerability where an authenticated user can manipulate data in the Questionnaires application, enabling spoofing of other users’ responses. The CVSS base score is 4.3 (vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:...

4.3CVSS4.5AI score0.00219EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2019/08/08 2:33 p.m.70 views

Researchers Bypass Apple FaceID Using Biometrics 'Achilles Heel'

LAS VEGAS – Vulnerabilities have been uncovered in the authentication process of biometrics technology that could allow bad actors to bypass various facial recognition applications – including Apple’s FaceID. But there is a catch. Doing so requires the victim to be out cold. Researchers on...

0.1AI score
Exploits0References6
Rows per page
Query Builder