Lucene search
K

31 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0674

Malware in sbrugna...

7.5CVSS7.6AI score0.01642EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-2646

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00663EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-4848

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00662EPSS
Exploits0References6
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-2233

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.01097EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1888

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00456EPSS
Exploits0References8
osv
osv
added 2022/05/17 7:57 p.m.17 views

GHSA-5R7W-PJX8-99QG JBoss KeyCloak Open Redirect

JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL...

6.1CVSS6.2AI score0.00663EPSS
Exploits0References5
github
github
added 2022/05/17 7:57 p.m.34 views

JBoss KeyCloak Open Redirect

JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL...

6.1CVSS6.9AI score0.00663EPSS
Exploits0References6Affected Software1
osv
osv
added 2022/05/17 7:57 p.m.15 views

GHSA-PX42-MR8M-CPGH JBoss KeyCloak Cross-site Scripting Vulnerability

If a JBoss Keycloak application was configured to use as a permitted web origin in the Keycloak administrative console, crafted requests to the login-status-iframe.html endpoint could inject arbitrary Javascript into the generated HTML code via the "origin" query parameter, leading to a cross-sit...

6.1CVSS5.9AI score0.00662EPSS
Exploits0References6
github
github
added 2022/05/17 7:57 p.m.21 views

JBoss KeyCloak Cross-site Scripting Vulnerability

If a JBoss Keycloak application was configured to use as a permitted web origin in the Keycloak administrative console, crafted requests to the login-status-iframe.html endpoint could inject arbitrary Javascript into the generated HTML code via the "origin" query parameter, leading to a cross-sit...

6.1CVSS5.8AI score0.00662EPSS
Exploits0References7Affected Software1
osv
osv
added 2022/05/17 12:26 a.m.22 views

GHSA-XR6Q-QQX7-553G JBoss Keycloak CSRF Vulnerability

The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery CSRF attacks by leveraging lack of CSRF protection...

8.8CVSS8.8AI score0.00816EPSS
Exploits1References5
nvd
nvd
added 2019/12/15 10:15 p.m.32 views

CVE-2014-3652

JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL...

6.1CVSS6.3AI score0.00663EPSS
Exploits0References2
prion
prion
added 2019/12/15 10:15 p.m.33 views

Open redirect

JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL...

5.8CVSS7AI score0.00663EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2019/12/10 2:15 p.m.13 views

CVE-2014-3656

JBoss KeyCloak: XSS in login-status-iframe.html...

6.1CVSS6AI score0.00662EPSS
Exploits0References2
prion
prion
added 2019/12/10 2:15 p.m.16 views

Design/Logic Flaw

JBoss KeyCloak: XSS in login-status-iframe.html...

4.3CVSS6.2AI score0.00662EPSS
Exploits0References2
nvd
nvd
added 2019/11/13 4:15 p.m.22 views

CVE-2014-3655

JBoss KeyCloak is vulnerable to soft token deletion via CSRF...

4.3CVSS4.7AI score0.00456EPSS
Exploits0References3
prion
prion
added 2019/11/13 4:15 p.m.26 views

Cross site request forgery (csrf)

JBoss KeyCloak is vulnerable to soft token deletion via CSRF...

4.3CVSS7.1AI score0.00456EPSS
Exploits0References3Affected Software2
cvelist
cvelist
added 2019/11/13 3:45 p.m.21 views

CVE-2014-3655

JBoss KeyCloak is vulnerable to soft token deletion via CSRF...

4.6AI score0.00456EPSS
Exploits0References3
cve
cve
added 2019/11/13 3:45 p.m.90 views

CVE-2014-3655

CVE-2014-3655 affects JBoss KeyCloak; vulnerability is soft token deletion via CSRF. Notable details from connected docs indicate exposure in affected Keycloak releases and a fix later stated as Keycloak 1.0.2.Final. Practical impact is limited to CSRF-enabled token deletion without broader acces...

4.3CVSS4.6AI score0.00456EPSS
Exploits0References3Affected Software1
redhatcve
redhatcve
added 2019/10/08 4:15 p.m.31 views

CVE-2018-14658

A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect URL for both Login and Logout are not normalized in org.keycloak.protocol.oidc.utils.RedirectUtils before the redirect url is verified. This can lead to an Open Redirection attack...

6.1CVSS1.8AI score0.01097EPSS
Exploits0References2
osv
osv
added 2018/11/13 7:29 p.m.37 views

CVE-2018-14658

A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect URL for both Login and Logout are not normalized in org.keycloak.protocol.oidc.utils.RedirectUtils before the redirect url is verified. This can lead to an Open Redirection attack...

6.1CVSS6.5AI score0.01097EPSS
Exploits0References4
Rows per page
Query Builder