CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2010-0543

Malware in sbrugna...

9.3CVSS4.6AI score0.00414EPSS

Exploits0References4

Github Security Blog•added 2022/02/15 12:42 a.m.•28 views

nats-io/jwt not enforcing checking of Import token permissions

This advisory is canonically Problem Description The NATS server provides for Subjects which are namespaced by Account; all Subjects are supposed to be private to an account, with an Export/Import system used to grant cross-account access to some Subjects. Some Exports are public, such that anyon...

7.5CVSS7.3AI score0.0029EPSS

Exploits1References6Affected Software2

OSV•added 2021/05/21 4:22 p.m.•19 views

GHSA-J756-F273-XHP4 github.com/nats-io/nats-server Import token permissions checking not enforced

7.5CVSS7.4AI score0.0029EPSS

Exploits1References6

Positive Technologies•added 2021/03/16 12:0 a.m.•1 views

PT-2021-19229 · Unknown · Jwt Library +1

Name of the Vulnerable Software and Affected Versions: NATS Server versions 2.0.0 through 2.1.9 JWT library versions prior to 2.0.1 Description: The issue is related to Incorrect Access Control in the NATS server and JWT library. The validation of Import token bindings incorrectly warns on...

7.5CVSS7.3AI score0.0029EPSS

Exploits1References23

NVD•added 2010/03/30 6:30 p.m.•16 views

CVE-2010-0512

The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering login credentials...

9.3CVSS5.9AI score0.00414EPSS

Exploits0References3