
7 matches found

CNNVD
added 2026/05/19 12:0 a.m. | 10 views

Keycloak Security Vulnerability

Keycloak is an open-source identity and access management solution developed by Keycloak itself. Keycloak has a security vulnerability, which stems from the improper application of the OIDC bypass feature in the domain-level notBefore policy. This vulnerability may cause revoked tokens to remain...

CVSS 5.4 | AI score 5.8 | EPSS 0.00281
Exploits: 0 | References: 2
OSV
added 2026/03/23 4:34 p.m. | 2 views

SUSE-SU-2026:0975-1 Security update for python-Authlib

This update for python-Authlib fixes the following issues:

- CVE-2026-27962: JWS deserialize_compact allows for signature bypass by accepting user-controlled embedded JWK as verification key (bsc#1259738).
- CVE-2026-28490: cryptographic padding oracle in JWE RSA1_5 key management algorithm (bsc#1259736)...

CVSS 9.1 | AI score 5.8 | EPSS 0.00548
Exploits: 3 | References: 7
OpenVAS
added 2024/12/20 12:0 a.m. | 20 views

Discourse 3.4.x < 3.4.0.beta4 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. (CPE: cpe:/a:discourse:discourse) ...

CVSS 9.1 | AI score 7.5 | EPSS 0.25431
Exploits: 0 | References: 9
CNNVD
added 2024/05/14 12:0 a.m. | 4 views

Nuki Bridge Security Vulnerability

Nuki Bridge is a smart lock control software from Nuki. A security vulnerability exists in v1.x versions prior to Nuki Bridge v1.22.0 and v2.x versions prior to v2.13.2, and Nuki Keypad v1.9.2 prior to v1.9.2, which stems from the fact that an attacker may be able to connect to the device and...

CVSS 9.8 | AI score 6.5 | EPSS 0.0161
Exploits: 0 | References: 5
CNNVD
added 2024/03/21 12:0 a.m. | 19 views

Coder Security Vulnerability

Coder is an application from Coder that allows you to set up a development environment in a public or private cloud infrastructure. A security vulnerability exists in Coder and CoderV2 that stems from a security hole in OIDC authentication that allows an attacker to bypass authentication and crea...

CVSS 8.2 | AI score 8.1 | EPSS 0.00965
Exploits: 0 | References: 6
SUSE CVE
added 2023/02/15 5:47 a.m. | 4 views

SUSE CVE-2012-2213

Squid 3.1.9 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is unable to provide a squid.conf file for a vulnerable system, and...

CVSS 5 | AI score 7.1 | EPSS 0.12314
Exploits: 0 | References: 3
OSV
added 2015/09/28 8:59 p.m. | 4 views

UBUNTU-CVE-2015-5400

Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request...

CVSS 6.8 | AI score 7 | EPSS 0.16525
Exploits: 1 | References: 4