Lucene search
+L

4 matches found

Snyk
Snyk
added 2026/05/15 6:30 p.m.8 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the discovery document retrieval process via uripukidpenc and uripukidpsig properties. An attacker can intercept and modify the TLS connection to substitute a forged discovery document...

9.1CVSS5.4AI score0.00118EPSS
Exploits0References2
OSV
OSV
added 2026/04/16 11:36 p.m.9 views

BIT-AUTHENTIK-2024-42490 authentik has Insufficient Authorization for several API endpoints

authentik is an open-source Identity Provider. Several API endpoints can be accessed by users without correct authentication/authorization. The main API endpoints affected by this are /api/v3/crypto/certificatekeypairs//viewcertificate/, /api/v3/crypto/certificatekeypairs//viewprivatekey/, and...

7.5CVSS5.6AI score0.00563EPSS
Exploits0References4
Snyk
Snyk
added 2025/10/02 6:36 a.m.8 views

Incorrect Authorization

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Incorrect Authorization via incomplete role-based checks in the checkproxyadminvieweraccess function. An attacker can modify user credentials by sending crafted requests to...

7.1CVSS7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.3 views

PT-2024-29987

Name of the Vulnerable Software and Affected Versions authentik versions prior to 2024.4.4 authentik versions 2024.6.0-rc1 through 2024.6.3 authentik versions prior to 2024.8.0 Description The issue concerns an open-source Identity Provider where several API endpoints can be accessed by users...

9.1CVSS5.7AI score0.00563EPSS
Exploits0References16
Rows per page
Query Builder