Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/05/21 5:11 p.m.42 views

CVE-2026-48248 Open ISES Tickets < 3.44.2 Disabled TLS Certificate Verification in incs/login.inc.php

Open ISES Tickets before 3.44.2 disables TLS certificate verification in incs/login.inc.php by setting CURLOPTSSLVERIFYPEER to false and not setting CURLOPTSSLVERIFYHOST when issuing outbound HTTPS requests issued during the login/authentication flow. An attacker positioned on the network path...

8.2CVSS0.00205EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2007-4641

Malware in sbrugna...

7.5CVSS6AI score0.03267EPSS
Exploits0References18
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 10:40 p.m.3 views

Malicious code in flow-security-cart (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e80dbff81931a20f9f1099da55fe0472b8f30458e4f53f69dc6a26b5aea6a48a The OpenSSF Package Analysis project identified 'flow-security-cart' @ 99.0.2 npm as malicious. It is considered malicious because: - The packag...

7.2AI score
Exploits0
OSV
OSV
added 2025/09/05 10:40 p.m.4 views

MAL-2025-46923 Malicious code in flow-security-cart (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e80dbff81931a20f9f1099da55fe0472b8f30458e4f53f69dc6a26b5aea6a48a The OpenSSF Package Analysis project identified 'flow-security-cart' @ 99.0.2 npm as malicious. It is considered malicious because: - The packag...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 8:53 a.m.11 views

CVE-2024-38371

authentik is an open-source Identity Provider. Access restrictions assigned to an application were not checked when using the OAuth2 Device code flow. This could potentially allow users without the correct authorization to get OAuth tokens for an application and access it. This issue has been...

8.6CVSS7.1AI score0.00585EPSS
Exploits0
Rows per page
Query Builder