Lucene search
+L

190 matches found

NVD
NVD
added 2 days ago9 views

CVE-2026-13410

Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled. The default user agent is initialised with SSLverifymode explicitly disabled. An attacker with network man-in-the-middle MITM capability between the Dancer application and googleapis.com can intercept the...

8.2CVSS0.00242EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago36 views

CVE-2026-13410 Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled

Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled. The default user agent is initialised with SSLverifymode explicitly disabled. An attacker with network man-in-the-middle MITM capability between the Dancer application and googleapis.com can intercept the...

0.00242EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-45168

Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled. The default user agent is initialised with SSLverifymode explicitly disabled. An attacker with network man-in-the-middle MITM capability between the Dancer application and googleapis.com can intercept the...

8.2CVSS5.4AI score0.00242EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-45152

The HubSpot All-In-One Marketing – Forms, Popups, Live Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.3.62 via the wplocalizescript / window.leadinConfig JavaScript object. This makes it possible for authenticated attackers, with...

4.3CVSS5.3AI score0.00158EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2 days ago8 views

CVE-2026-9656

The HubSpot All-In-One Marketing – Forms, Popups, Live Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.3.62 via the wplocalizescript / window.leadinConfig JavaScript object. This makes it possible for authenticated attackers, with...

4.3CVSS5.3AI score0.00158EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2 days ago6 views

CVE-2026-9810

The AI Copilot WordPress plugin before 1.5.4 does not bind OAuth access tokens to a WordPress user, and accepts any valid token as an administrator session, allowing unauthenticated attackers who complete the public OAuth flow to execute privileged MCP tools as an administrator, including arbitra...

9.8CVSS5.6AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 4 days ago5 views

CVE-2026-45793

Composer is a dependency Manager for the PHP language. Prior to 1.10.28, 2.2.28, and 2.9.8, Composer\IO\BaseIO::loadConfiguration validates GitHub OAuth tokens with the regex ^.A-Za-z0-9+$ and interpolates rejected tokens into an UnexpectedValueException; GitHub Actions GITHUBTOKEN values using t...

7.5CVSS0.00519EPSS
Exploits0References9
NVD
NVD
added 2026/07/10 9:16 p.m.4 views

CVE-2026-57218

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, RabbitMQ AMQP 0-9-1 allows an existing consumer to keep receiving messages after OAuth token expiry or connection.updatesecret refresh to reduced scopes because existing consumers are not canceled or reauthorized at delivery time after...

6.5CVSS0.00321EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.40 views

CVE-2026-28699 Gitea Basic Auth bypasses OAuth2 access token scopes

Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication...

8.1CVSS0.00566EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/26 6:57 p.m.7 views

CVE-2026-52783

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, OpenProject's Storages module writes the OneDrive/SharePoint userless OAuth accesstoken plaintext to Rails.cache under the deterministic key storage..httpxaccesstoken, repopulated continuously by an...

8.2CVSS5.6AI score0.00129EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:57 p.m.5 views

CVE-2026-45689

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, an unauthenticated network attacker obtains a valid Rocket.Chat OAuth access token for an arbitrary user by sending a single HTTP POST with...

9.1CVSS6.1AI score0.00308EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in curl

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3, or SMTP scheme, curl may incorrectly pass the bearer token to the new target host...

5.3CVSS6.6AI score0.00611EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/22 1:9 p.m.10 views

CVE-2026-43994

A flaw was found in Coturn, an open-source TURN and STUN server. A remote attacker can exploit a stack buffer overflow vulnerability by providing a specially crafted OAuth access token when the server is configured to use --oauth mode. This could lead to arbitrary code execution RCE, allowing the...

9.8CVSS6.8AI score0.0045EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/06/20 2:30 a.m.12 views

SUSE CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

9.8CVSS6.1AI score0.0045EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t...

9.8CVSS6.1AI score0.0045EPSS
Exploits1References3
OSV
OSV
added 2026/06/18 9:16 p.m.6 views

UBUNTU-CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

9.8CVSS6.1AI score0.0045EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/18 7:44 p.m.8 views

CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

8.1CVSS5.7AI score0.0045EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/06/18 7:44 p.m.22 views

CVE-2026-43994 Coturn: Stack buffer overflow in decode_oauth_token_gcm()

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

8.1CVSS0.0045EPSS
Exploits1References2
CVE
CVE
added 2026/06/18 7:44 p.m.26 views

CVE-2026-43994

CVE-2026-43994 affects coturn before 4.10.0: a stack buffer overflow in decode_oauth_token_gcm() occurs when parsing an attacker-supplied OAuth token’s nonce_len, which is copied directly to a 256-byte stack buffer without bounds checking. Up to 735 bytes of attacker-controlled data may be writte...

9.8CVSS5.6AI score0.0045EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/18 7:44 p.m.10 views

CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

9.8CVSS6.1AI score0.0045EPSS
Exploits1
Rows per page
Query Builder