Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Snyk
Snykadded 2026/04/15 8:22 p.m.5 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials when the nexus.orient.binaryListenerEnabled configuration is set to true. This option is set by default in legacy HA-C mode, but not in standalone deployments, including HA deployments. An attacker can gain...

9.2CVSS5.9AI score0.00042EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/07/07 5:48 p.m.2 views

CVE-2025-20325 Sensitive Information Disclosure in the SHCConfig logging channel in Clustered Deployments in Splunk Enterprise

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.113, and 9.2.2406.119, the software potentially exposes the search head cluster splunk.secret key. This exposure could happen if you have a Search Head cluster and...

3.1CVSS7AI score0.00186EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2023/02/15 3:40 a.m.2 views

SUSE CVE-2021-34428

For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being...

3.6CVSS8.7AI score0.00294EPSS
Exploits1References3
RedHat Linux
RedHat Linuxadded 2021/10/18 5:45 p.m.3 views

jetty: SessionListener can prevent a session from being invalidated breaking logout

A flaw was discovered in the jetty-server, where if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts, this could result in a session not being...

3.6CVSS7.2AI score0.00294EPSS
Exploits1References5
OSV
OSVadded 2021/06/23 8:23 p.m.0 views

GHSA-M6CP-VXJX-65J6 SessionListener can prevent a session from being invalidated breaking logout

Impact If an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application us...

3.5CVSS6.7AI score0.00294EPSS
Exploits1References14
OSV
OSVadded 2021/06/22 3:15 p.m.0 views

UBUNTU-CVE-2021-34428

For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being...

3.5CVSS6.7AI score0.00294EPSS
Exploits1References4
Rows per page
Query Builder