CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-6585

Malicious code in bioql PyPI...

9.8CVSS7.3AI score0.00557EPSS

Exploits0References3

RedhatCVE•added 2025/05/22 11:2 p.m.•7 views

CVE-2022-35540

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS7.1AI score0.00557EPSS

Exploits0References1

Github Security Blog•added 2022/08/19 12:0 a.m.•23 views

Use of Hard-coded Credentials in AgileConfig.Client

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS9.1AI score0.00557EPSS

Exploits0References3Affected Software1

OSV•added 2022/08/19 12:0 a.m.•20 views

GHSA-MJ5W-W588-J6XG Use of Hard-coded Credentials in AgileConfig.Client

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS9.6AI score0.00557EPSS

Exploits0References3

GitLab Advisory Database•added 2022/08/19 12:0 a.m.•22 views

Use of Hard-coded Credentials

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS5.9AI score0.00557EPSS

Exploits0References3Affected Software1

NVD•added 2022/08/18 11:15 p.m.•11 views

CVE-2022-35540

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS0.00557EPSS

Exploits0References1

ATTACKERKB•added 2022/08/18 11:15 p.m.•3 views

CVE-2022-35540

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS7AI score0.00557EPSS

Exploits0References2

OSV•added 2022/08/18 11:15 p.m.•8 views

CVE-2022-35540

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8CVSS9.6AI score

Exploits0References1

Prion•added 2022/08/18 11:15 p.m.•9 views

Hardcoded credentials

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

7.5CVSS9.5AI score0.00557EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/08/18 10:17 p.m.•14 views

CVE-2022-35540

Hardcoded JWT Secret in AgileConfig 1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access...

9.8AI score0.00557EPSS

Exploits0References1

CVE•added 2022/08/18 10:17 p.m.•463 views

CVE-2022-35540

CVE-2022-35540 concerns AgileConfig prior to 1.6.8 where a hard-coded JWT secret in the server enables remote attackers to forge a token and gain administrator access. The issue, documented across multiple sources (Red Hat, GHSA, OSV, NVD), attributes the root cause to an inline secret, allowing ...

9.8CVSS9.5AI score0.00557EPSS

Exploits0References1Affected Software1

CNNVD•added 2022/08/18 12:0 a.m.•2 views

AgileConfig 信任管理问题漏洞

AgileConfig is a lightweight configuration center for .NET Core-based development in the China .NET Core Community community. A trust management issue vulnerability exists in AgileConfig version 1.6.8, which stems from a hard-coded JWT Secret in the server that allows remote attackers to gain...

9.8CVSS7.2AI score0.00557EPSS

Exploits0References3

Positive Technologies•added 2022/08/18 12:0 a.m.•4 views

PT-2022-22898 · Unknown · Agileconfig

Name of the Vulnerable Software and Affected Versions: AgileConfig versions prior to 1.6.8 Description: The issue allows remote attackers to gain administrator access by utilizing a hardcoded JWT Secret in the AgileConfig Server. This can be achieved by using the generated JWT token...

9.8CVSS7.3AI score0.00557EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by