Lucene search
+L

61 matches found

NVD
NVD
added 8 hours ago5 views

CVE-2026-13410

Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled. The default user agent is initialised with SSLverifymode explicitly disabled. An attacker with network man-in-the-middle MITM capability between the Dancer application and googleapis.com can intercept the...

8.2CVSS
Exploits0References4
CVE
CVE
added 8 hours ago6 views

CVE-2026-13410

Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled. The default user agent is initialised with SSLverifymode explicitly disabled. An attacker with network man-in-the-middle MITM capability between the Dancer application and googleapis.com can intercept the...

8.2CVSS5.4AI score
Exploits0References4
EUVD
EUVD
added 8 hours ago6 views

EUVD-2026-45168

Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled. The default user agent is initialised with SSLverifymode explicitly disabled. An attacker with network man-in-the-middle MITM capability between the Dancer application and googleapis.com can intercept the...

8.2CVSS5.4AI score
Exploits0References3
Cvelist
Cvelist
added 8 hours ago10 views

CVE-2026-13410 Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled

Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled. The default user agent is initialised with SSLverifymode explicitly disabled. An attacker with network man-in-the-middle MITM capability between the Dancer application and googleapis.com can intercept the...

Exploits0References3
CVE
CVE
added 2026/07/04 5:52 p.m.24 views

CVE-2026-12746

CVE-2026-12746 affects Dancer2::Plugin::Auth::OAuth::Provider versions before 0.23 (Perl). The underlying issue is that the OAuth 2.0 state parameter is not supported, causing the authentication_url to redirect without a state value and the callback to process the response without binding it to t...

8.1CVSS5.9AI score0.00186EPSS
Exploits0References4
OSV
OSV
added 2026/07/04 5:52 p.m.4 views

CVE-2026-12746 Dancer2::Plugin::Auth::OAuth::Provider versions before 0.23 for Perl do not support the OAuth 2.0 state parameter

Dancer2::Plugin::Auth::OAuth::Provider versions before 0.23 for Perl do not support the OAuth 2.0 state parameter. The authenticationurl method builds the provider authorization redirect without issuing a state value, and the callback method exchanges the callback code and registers the resulting...

8.1CVSS5.9AI score0.00186EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/16 12:34 a.m.12 views

EUVD-2026-37010

Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce. The default nonce was generated using an MD5 hash of the epoch time, which is predictable...

5.3CVSS5.2AI score0.00595EPSS
Exploits0References5
NVD
NVD
added 2026/06/15 10:16 p.m.13 views

CVE-2026-11832

Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce. The default nonce was generated using an MD5 hash of the epoch time, which is predictable...

9.1CVSS0.00327EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/15 9:19 p.m.39 views

CVE-2026-11832 Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce

Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce. The default nonce was generated using an MD5 hash of the epoch time, which is predictable...

0.00327EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.17 views

PT-2026-49526

Name of the Vulnerable Software and Affected Versions Dancer2::Plugin::Auth::OAuth versions prior to 0.22 Description The software defaults to a predictable nonce. This occurs because the default nonce is generated using an MD5 hash of the epoch time, which is a value representing the total numbe...

9.1CVSS5.9AI score0.00327EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.12 views

CVE-2026-5080

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

5.9CVSS5.4AI score0.00374EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-5080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints o...

5.9CVSS5.5AI score0.00374EPSS
Exploits0References3
NVD
NVD
added 2026/04/30 12:16 p.m.17 views

CVE-2026-5080

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

5.9CVSS0.00374EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/04/30 12:16 p.m.6 views

CVE-2026-5080

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

5.9CVSS5.7AI score0.00374EPSS
Exploits0References2
OSV
OSV
added 2026/04/30 12:16 p.m.10 views

UBUNTU-CVE-2026-5080

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

5.9CVSS5.8AI score0.00374EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/30 11:49 a.m.4 views

CVE-2026-5080 Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

5.3AI score0.00374EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/30 11:49 a.m.7 views

CVE-2026-5080

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

5.9CVSS5.3AI score0.00374EPSS
Exploits0
CVE
CVE
added 2026/04/30 11:49 a.m.17 views

CVE-2026-5080

CVE-2026-5080 affects Dancer::Session::Abstract for Perl up to version 1.3522. The insecure session IDs are generated by summing the absolute pathname’s character codepoints with the process ID, epoch time, and multiple rand() calls, then concatenating the result three times. Factors such as know...

5.9CVSS5.3AI score0.00374EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/30 11:49 a.m.5 views

CVE-2026-5080

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

5.9CVSS5.3AI score0.00374EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/30 11:49 a.m.8 views

EUVD-2026-26369

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

5.9CVSS5.3AI score0.00374EPSS
Exploits0References2
Rows per page
Query Builder