Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.9 views

SUSE SLED15 / SLES15 Security Update : python-PyJWT (SUSE-SU-2026:2627-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2627-1 advisory. This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments...

7.4CVSS5.9AI score0.00394EPSS
Exploits4References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-43146

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00355EPSS
Exploits0References1
NVD
NVD
added 2023/09/07 1:15 p.m.19 views

CVE-2023-39422

The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens. These tokens are however exposed in a JavaScript file loaded on the client side, thus rendering this extra safety mechanism useless...

9.8CVSS7.3AI score0.00355EPSS
Exploits0References1
Prion
Prion
added 2023/09/07 1:15 p.m.16 views

Code injection

The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens. These tokens are however exposed in a JavaScript file loaded on the client side, thus rendering this extra safety mechanism useless...

7.5CVSS9.5AI score0.00355EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/07 12:22 p.m.13 views

CVE-2023-39422 Use of Hard-coded Credentials in multiple /irmdata/api/ endpoints

The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens. These tokens are however exposed in a JavaScript file loaded on the client side, thus rendering this extra safety mechanism useless...

6.5CVSS7.3AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/07 12:22 p.m.25 views

CVE-2023-39422 Use of Hard-coded Credentials in multiple /irmdata/api/ endpoints

The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens. These tokens are however exposed in a JavaScript file loaded on the client side, thus rendering this extra safety mechanism useless...

6.5CVSS9.8AI score0.00355EPSS
Exploits0References1
CVE
CVE
added 2023/09/07 12:22 p.m.2488 views

CVE-2023-39422

The CVE-2023-39422 issue affects the IRM Next Generation booking engine’s /irmdata/api/ endpoints. The root cause is that HMAC tokens used to authenticate requests are exposed in a client-side JavaScript file, which renders this extra safety mechanism ineffective. Descriptions across sources repe...

9.8CVSS7.3AI score0.00355EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/07 12:0 a.m.6 views

PT-2023-26943 · Unknown · Irm Next Generation

Name of the Vulnerable Software and Affected Versions: IRM Next Generation booking engine affected versions not specified Description: The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticate requests using HMAC tokens. However, these tokens are exposed in a...

9.8CVSS9.5AI score0.00355EPSS
Exploits0References6
Rows per page
Query Builder