Lucene search
K

5 matches found

OSV
OSV
added 2026/06/25 6:26 p.m.5 views

GO-2026-5170 OpenFGA: Unauthenticated playground endpoint discloses preshared API key in HTML response in github.com/openfga/openfga

OpenFGA: Unauthenticated playground endpoint discloses preshared API key in HTML response in github.com/openfga/openfga...

7.5CVSS5.8AI score0.0028EPSS
Exploits0References3
OSV
OSV
added 2026/05/18 5:34 p.m.7 views

GHSA-9M6V-8FXC-4R44 Sulu: Used API Keys may be available via Admin API

Impact The users endpoint controller exposes a project's apiKey field to the logged-in user, provided they have permission for that endpoint. This only has impact if a project itself uses that specific field, Sulu itself does nothing with it and has no authentication per apiKey in its core. Patch...

2.3CVSS5.8AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 6:38 p.m.7 views

CVE-2021-37414

Zoho ManageEngine DesktopCentral before 10.0.709 allows anyone to get a valid user's APIKEY without authentication...

7.5CVSS6.8AI score0.05189EPSS
Exploits0References1
OSV
OSV
added 2024/10/02 4:15 p.m.3 views

CVE-2024-6360

Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23...

9.8CVSS5.8AI score0.00309EPSS
Exploits0References1
NVD
NVD
added 2021/09/10 3:15 p.m.25 views

CVE-2021-37414

Zoho ManageEngine DesktopCentral before 10.0.709 allows anyone to get a valid user's APIKEY without authentication...

7.5CVSS0.05189EPSS
Exploits0References2
Rows per page
Query Builder