Lucene search
+L

685 matches found

nuclei
nuclei
added 5 hours ago33 views

SolarWinds Web Help Desk - Authentication Bypass

SolarWinds Web Help Desk 12.8.8 HF1 and earlier contains an authentication bypass vulnerability in the WebObjects session handling. By crafting a request with a manipulated path component to an internal admin page endpoint, an unauthenticated attacker can access privileged administrative function...

9.8CVSS7.1AI score0.8413EPSS
Exploits5References4
nuclei
nuclei
added 5 hours ago25 views

WordPress CAS Theme <= 1.0.0 - Server-Side Request Forgery

The CAS WordPress theme through version 1.0.0 is vulnerable to Server-Side Request Forgery SSRF via the 'url' parameter in the getremotedata.php script. This vulnerability allows unauthenticated attackers to make the server perform requests to arbitrary URLs. id: CVE-2024-4399 info: name: WordPre...

9.1CVSS6.2AI score0.01836EPSS
Exploits2References2
nuclei
nuclei
added 5 hours ago73 views

Apereo CAS Cross-Site Scripting

Apereo CAS through 6.4.1 allows cross-site scripting via POST requests sent to the REST API endpoints. id: CVE-2021-42567 info: name: Apereo CAS Cross-Site Scripting author: pdteam severity: medium description: Apereo CAS through 6.4.1 allows cross-site scripting via POST requests sent to the RES...

6.1CVSS6.4AI score0.08064EPSS
Exploits0References5
nvd
nvd
added 2026/07/02 8:17 p.m.5 views

CVE-2026-59099

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS0.00356EPSS
Exploits0References5
cve
cve
added 2026/07/02 7:42 p.m.33 views

CVE-2026-59099

Apereo CAS: vulnerability in 7.3.0 prior to 8.0.0-RC6 due to AES-GCM IV reuse across server lifetime, enabling remote unauthenticated attackers to recover plaintext webflow conversation state by known-plaintext analysis on multiple client-side webflow tokens collected from the unauthenticated log...

9.3CVSS6AI score0.00356EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/07/02 7:42 p.m.9 views

CVE-2026-59099

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS6AI score0.00356EPSS
Exploits0References6Affected Software1
cvelist
cvelist
added 2026/07/02 7:42 p.m.35 views

CVE-2026-59099 Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS0.00356EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/07/02 7:42 p.m.7 views

CVE-2026-59099 Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS6.2AI score0.00356EPSS
Exploits0References5
osv
osv
added 2026/07/02 7:42 p.m.2 views

CVE-2026-59099 Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...

9.3CVSS6.2AI score0.00356EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/07/02 12:0 a.m.18 views

PT-2026-55299

Name of the Vulnerable Software and Affected Versions Apereo CAS versions 7.3.0 through 8.0.0-RC5 Description A cryptographic issue allows remote unauthenticated attackers to recover plaintext conversation state. This occurs because the system reuses the AES-GCM initialization vector IV across th...

9.3CVSS6.2AI score0.00356EPSS
Exploits0References10
osv
osv
added 2026/06/25 8:17 p.m.4 views

DEBIAN-CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

5.3CVSS5.8AI score0.00118EPSS
Exploits0References1
osv
osv
added 2026/06/25 8:17 p.m.7 views

UBUNTU-CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS5.8AI score0.00118EPSS
Exploits0References5
euvd
euvd
added 2026/06/25 7:30 p.m.9 views

EUVD-2026-39544

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS5.9AI score0.00118EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/25 7:30 p.m.7 views

CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS5.9AI score0.00118EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/06/24 8:56 p.m.20 views

CVE-2026-45688 Rocket.Chat: Pre-Auth NoSQL Injection in CAS Login Handler leading to Arbitrary CAS/SAML User Session Hijack

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's CAS login handler forwards the client-supplied options.cas.credentialToken value straight into a MongoDB findOneid: ... query...

9.1CVSS0.00289EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/24 8:56 p.m.10 views

CVE-2026-45688

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's CAS login handler forwards the client-supplied options.cas.credentialToken value straight into a MongoDB findOneid: ... query...

9.1CVSS5.9AI score0.00289EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/06/24 8:56 p.m.13 views

CVE-2026-45688

The CVE-2026-45688 entry describes a pre-auth NoSQL injection in Rocket.Chat’s CAS login handler. Before versions 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, the handler forwards client-supplied options.cas.credentialToken directly into a MongoDB findOne({_id: …}) query without...

9.1CVSS5.9AI score0.00289EPSS
Exploits0References1
osv
osv
added 2026/06/24 8:56 p.m.3 views

CVE-2026-45688 Rocket.Chat: Pre-Auth NoSQL Injection in CAS Login Handler leading to Arbitrary CAS/SAML User Session Hijack

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's CAS login handler forwards the client-supplied options.cas.credentialToken value straight into a MongoDB findOneid: ... query...

9.1CVSS5.9AI score0.00289EPSS
Exploits0References3
osv
osv
added 2026/06/23 2:37 p.m.4 views

BIT-APISIX-2026-49872 Apache APISIX: Improper authentication in cas-auth plugin

Improper Authentication vulnerability in Apache APISIX. When the cas-auth plugin is used in a route, an attacker can possibly authenticate itself with credentials from a different source. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are recommended to upgrade to version...

8.1CVSS5.9AI score0.0032EPSS
Exploits0References3
osv
osv
added 2026/06/23 2:37 p.m.6 views

BIT-APISIX-2026-49871 Apache APISIX: cas-auth login CSRF / session injection issue

Cross-Site Request Forgery CSRF vulnerability in the cas-auth plugin under default configurations. This defect allows a remote attacker that manages to send a victim to a webpage controlled by them can cause the victim's browser to become authenticated as a different identity. Actions the victim...

9.3CVSS5.9AI score0.00261EPSS
Exploits0References3
Rows per page
Query Builder