Lucene search
+L

159 matches found

Nuclei
Nuclei
added 14 hours ago73 views

Apereo CAS Cross-Site Scripting

Apereo CAS through 6.4.1 allows cross-site scripting via POST requests sent to the REST API endpoints. id: CVE-2021-42567 info: name: Apereo CAS Cross-Site Scripting author: pdteam severity: medium description: Apereo CAS through 6.4.1 allows cross-site scripting via POST requests sent to the RES...

6.1CVSS5.8AI score0.08064EPSS
Exploits0References5
NVD
NVD
added 2026/07/02 8:17 p.m.5 views

CVE-2026-59099

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS0.00356EPSS
Exploits0References5
CVE
CVE
added 2026/07/02 7:42 p.m.33 views

CVE-2026-59099

Apereo CAS: vulnerability in 7.3.0 prior to 8.0.0-RC6 due to AES-GCM IV reuse across server lifetime, enabling remote unauthenticated attackers to recover plaintext webflow conversation state by known-plaintext analysis on multiple client-side webflow tokens collected from the unauthenticated log...

9.3CVSS6AI score0.00356EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/02 7:42 p.m.9 views

CVE-2026-59099

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS6AI score0.00356EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/07/02 7:42 p.m.35 views

CVE-2026-59099 Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS0.00356EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/07/02 7:42 p.m.7 views

CVE-2026-59099 Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS6.2AI score0.00356EPSS
Exploits0References5
OSV
OSV
added 2026/07/02 7:42 p.m.3 views

CVE-2026-59099 Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS6.2AI score0.00356EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.18 views

PT-2026-55299

Name of the Vulnerable Software and Affected Versions Apereo CAS versions 7.3.0 through 8.0.0-RC5 Description A cryptographic issue allows remote unauthenticated attackers to recover plaintext conversation state. This occurs because the system reuses the AES-GCM initialization vector IV across th...

9.3CVSS6.2AI score0.00356EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: cryptacular (UTSA-2026-016656)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016656 advisory. CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode...

7.5CVSS6.9AI score0.03334EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2026/03/23 12:0 a.m.13 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC2), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC2) +3 more potentially affected by CVE-2026-22739 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.1)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-22739 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-15762281...

8.6CVSS5.8AI score0.0122EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-1311

Malware in sbrugna...

7.5CVSS6.4AI score0.02843EPSS
Exploits3References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-1832

Malware in sbrugna...

7.5CVSS7.5AI score0.01219EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0798

Malware in sbrugna...

7.5CVSS7.5AI score0.01687EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33684

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00349EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-54465

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00941EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-12426

Malicious code in bioql PyPI...

5.3CVSS4.7AI score0.00516EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-2624

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00503EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-12427

Malicious code in bioql PyPI...

5.1CVSS3.9AI score0.00522EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.23 views

EUVD-2025-12431

Malicious code in bioql PyPI...

5CVSS5.2AI score0.00394EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-33685

Malicious code in bioql PyPI...

8.1CVSS4.8AI score0.00741EPSS
Exploits1References5
Rows per page
Query Builder