Lucene search
K

9 matches found

RedHat Linux
RedHat Linux
added 2026/06/25 5:36 p.m.6 views

keycloak: Keycloak: Attacker can re-enable and take over disabled clients via Registration Access Token

A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token RAT, could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...

6.5CVSS5.8AI score0.00267EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 4:17 p.m.5 views

EUVD-2026-39474

A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token RAT, could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...

6.5CVSS5.9AI score0.00267EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52508

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw in the client registration service allows a remote attacker with a previously issued Registration Access Token RAT to re-enable a client that was explicitly disabled by an...

6.5CVSS5.8AI score0.00267EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-3693

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.01136EPSS
Exploits0References16
OSV
OSV
added 2022/05/13 1:9 a.m.3 views

GHSA-F5CH-36RG-VFCC Cross-Site Request Forgery in Apache CXF Fediz

Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...

8.8CVSS6.9AI score0.01136EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2022/05/13 1:9 a.m.21 views

Cross-Site Request Forgery in Apache CXF Fediz

Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...

8.8CVSS2.1AI score0.01136EPSS
Exploits0References11Affected Software1
Prion
Prion
added 2017/05/16 5:29 p.m.10 views

Cross site request forgery (csrf)

Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...

6.8CVSS8.6AI score0.01136EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2017/05/16 5:29 p.m.21 views

CVE-2017-7662

Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...

8.8CVSS8.6AI score0.01136EPSS
Exploits0References8
Cvelist
Cvelist
added 2017/05/16 5:0 p.m.26 views

CVE-2017-7662

Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...

8.7AI score0.01136EPSS
Exploits0References8
Rows per page
Query Builder