
8 matches found

NVD
added 2018/10/05 9:29 p.m. | 8 views

CVE-2018-11083

Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be used as access tokens when using UAA for authentication. A remote attacker with an admin refresh token given by UAA can be used to access...

CVSS: 8.4 | AI score: 8.1 | EPSS: 0.00614
Exploits: 0 | References: 1
OSV
added 2018/10/05 9:29 p.m. | 17 views

CVE-2018-11083

Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be used as access tokens when using UAA for authentication. A remote attacker with an admin refresh token given by UAA can be used to access...

CVSS: 8.1 | AI score: 6.9 | EPSS: 0.00614
Exploits: 0 | References: 1
Cvelist
added 2018/10/05 9:0 p.m. | 10 views

CVE-2018-11083 Bosh accepts refresh tokens in place of an access token

Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be used as access tokens when using UAA for authentication. A remote attacker with an admin refresh token given by UAA can be used to access...

CVSS: 8.4 | AI score: 8.1 | EPSS: 0.00614
Exploits: 0 | References: 1
Cloud Foundry
added 2018/09/11 12:0 a.m. | 547 views

USN-3756-1: Intel Microcode vulnerabilities | Cloud Foundry

Severity: High. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 14.04, Canonical Ubuntu 16.04. Description: It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also kno...

CVSS: 5.6 | AI score: 6.4 | EPSS: 0.46733
Exploits: 2
OSV
added 2018/03/27 4:29 p.m. | 11 views

CVE-2018-1231

Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH...

CVSS: 8.8 | AI score: 8.8 | EPSS: 0.00291
Exploits: 0 | References: 1
Prion
added 2018/03/27 4:29 p.m. | 10 views

Improper access control

Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH...

CVSS: 6.5 | AI score: 8.5 | EPSS: 0.00291
Exploits: 0 | References: 1 | Affected Software: 1
CNVD
added 2017/06/29 12:0 a.m. | 1 views

Cloud Foundry BOSH Elevation of Privilege Vulnerability

Cloud Foundry BOSH is an open source toolchain for release engineering, deployment and lifecycle management of large-scale distributed services. An elevation of privilege vulnerability exists in Cloud Foundry BOSH. An attacker can exploit the vulnerability to gain elevated privileges...

CVSS: 8.8 | AI score: 7.4 | EPSS: 0.002
Exploits: 0 | References: 1
Cloud Foundry
added 2016/12/13 12:0 a.m. | 75 views

USN-3123-1: curl vulnerabilities | Cloud Foundry

USN-3123-1: curl vulnerabilities. Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 14.04 LTS. Description: It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS...

CVSS: 9.8 | AI score: 9.2 | EPSS: 0.04507
Exploits: 0